iEntry 10th Anniversary RSS Archive

IT Management Begins With Security
SecurityProNews > Insider Reports > Insider > Majority Of Domain Names Used By Phishers Are Legitimate
Search:
[ insider_reports_insider ]

Majority Of Domain Names Used By Phishers Are Legitimate



Mike Sachoff
Staff Writer
2009-05-28

SecurityProNews: Insider Reports Insider Reports RSS Feed


The majority (81%) of domain names used for phishing are legitimate domains that have been hacked, according to a new report from the Anti-Phishing Working Group (APWG).

Majority Of Domain Names Used By Phishers Are Legitimate
Majority Of Domain Names Used By Phishers Are Legitimate

Among 30,454 phishing domains, only 5,991 domain names (18.5%) were registered by phishers. The rest of the small percentage of the domains used in phishing belonged to subdomain resellers such as ISPs and other online services.

"Phishing most often takes place on compromised Web servers, where the phishers place their phishing pages unbeknownst to the site operators,"" says APWG.

"This method gains the phishers free hosting, and complicates take-down efforts because suspending a domain name or hosting account also disables the resolution of the legitimate user's site. Phishing on a compromised Web site typically takes place on a subdomain or in a subdirectory, where the phish is not easily noticed by the site's operator or visitors."

Major findings include:

1. Phishers are increasingly using subdomain services to host and manage their phishing sites. This trend shows phishers migrating to services that cannot be taken down by registrars or registry operators, thereby frustrating some takedowns and extending the uptimes of attacks.

2. Phishers continue to target specific TLDs and specific domain name registrars, and shift their preferences over time.

3. The amount of Internet names and numbers used for phishing has remained fairly steady over the past two years.

4. Anti-phishing programs implemented by domain name registries can have a remarkable effect on the up-times (durations) of phishing attacks.

5. There are decreases in phishing on IP addresses and the use of brand names in domain names to fool users. Phishers are not using IDNs (Internationalized Domain Names).


About the Author:
Mike is a staff writer for WebProNews. Visit WebProNews for the latest ebusiness news.

More insider_reports_insider Articles

SecurityProNews: Insider Reports Insider Reports RSS Feed

Get Your Site Submitted for Free in the World's Largest B2B Directory!

Email Address:
* URL:
*
*Indicates Mandatory Field

Terms & Conditions

iEntry Featured Services: Jayde Member Services | Forums | Freeware | Advertise with Us

Contact Us | Advertise | Newsletter Archive | Sitemap | Submit an Article | News Feeds
SecurityProNews is an iEntry, Inc.® publication - $line) { echo $line ; } ?> All Rights Reserved | Privacy Policy and Legal		 Join the WebProWorld Forums: Click Here
Virus Warnings

Subscribe to
SecurityProNews FREE!


[ more newsletters ]

Featured On:
article resources
Search Articles:
[advanced search]

WebProWorld.com
Get in-touch with industry experts and leaders
Post your site for review by expert and peers
Ask Security, IT, Development and Design questions

Free Membership: Join Now!

Visit WebProWorld.com

Titan Quest Forum
The #1 Titan Quest forum
Halo 3 Forum
The best Halo, Halo 2, Halo 3 forum
Nintendo Wii
Nintendo Wii news and views
Mac Software
The best in OS X freeware
Graphics Forum
Your source for graphic tutorials
SecurityProNews.com | Breaking eBusiness News Get Your IT Questions Answered - Click Here SecurityProNews News Feeds