According to the APWG report, the number of malicious websites used for the fraudulent activities in the first quarter was 125,215, an increase of 10 % respect the same period of 2013 when the number of phishing websites observed was 111,773.
The APWG report reveals that fifty percent of the number of phishing attacks targeted payment services in the first quarter. Payment services are once again the most targeted industry, attacks against the financial industry was about 20 percent of the time, other phishing attacks targeted ISP, gaming, auction, government and social networking industries.
The APWG report confirms that the US, once again, hosted the majority of phishing sites:
“The United States continued to be the top country hosting phishing sites during the first quarter of 2014. This is mainly due to the fact that a large percentage of the world’s Web sites and domain names are hosted in the United States. A spate of phishing hit Turkey-based hosters in February and March.” states the report.
The percentage of infected machines on a global scale in Q1 has increased, reaching 32.77 percent, the countries with the greatest number of compromised PC are China (52.36% of computers in the country infected), followed by Turkey (43.59%) and Peru (42.14%).
“China tops the list because there are many unpatched installations of Windows there,” “Some of those installations are unpatched because they are pirated or unlicensed copies of Windows.” said Greg Aaron, President of Illumintel and APWG Senior Research Fellow.
The phishers continue target legitimate entities, the number of targeted brands jumped to 557 from 525 in the previous quarter.
“Criminals [are] attacking new brands,”“Almost any enterprise that takes in personal data via the web is a potential target. While phishing has traditionally targeted banks and money transfer services such as PayPal, we’re seeing a wider range of targets getting spoofed, such as Airbnb and grocery store chains.” Aaron added.
The APWG report shows a worrying scenario, the efficiency and the volume of phishing activities continue to increase making phishing one of the most dangerous cyber threats.
Awareness, information sharing on the threat and the adoption of proper countermeasures are necessary action to take for the threat mitigation.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.