The Anti-Phishing Working Group (APWG) published the Phishing Trends Report for Q4 2016. The data are worrisome, 2016 ended as the worst year for phishing in history. The experts reported the total number of phishing attacks in 2016 was 1,220,523, a 65 percent increase over 2015.
The analysis of data across the years could give us precious information about the evolution of phishing activities.
In little more than a decade, the number of phishing attacks per month observed in Q4 is passed from 1,609 in 2004, up to 92,564 phishing attacks per month in 2016 (+5,753 percent).
The most targeted industry sectors in the fourth quarter of 2016 are the Retail and Financial services.
The Phishing Trends Report for Q4 2016 includes data provided by the company Axur that is located in Brazil. Axur focused on monitoring phishing attacks on financial organizations, technology firms, airlines, and online marketplaces located in the country.
“Fraudsters in Brazil are using both traditional phishing and social media to defraud Internet users. They are also using technical tricks to make it harder for responders to stop theses scams. ” states the APWG.
According to the APWG, the overall number of brands targeted by phishers during the holiday season dropped in a significant way, likely because crooks concentrated on fewer targets.
The company RiskIQ that monitored thousands of phishing attack revealed that the top-10 TLDs where phishing attacks occurred in 4Q2016 were:
The report shows that very few phishers registered domain names that were confusingly similar to the legitimate brands. The crooks mostly used URL with brand names, or misspellings thereof, in subdomains.
“A relatively low percentage of phishing websites targeting a brand attempt to spoof that brand in the domain name—whether at the second-level or in the fully-qualified domain name,” says Jonathan Matkowsky, VP for intellectual property & brand security at RiskIQ. This is evidence that phishers do not need to use deceptive domains names to fool Internet users into visiting their sites. Instead, users are often fooled by hyperlinks (which must be hovered over to even see the destination domain), URL shorteners, which mask the destination domain, or brand names inserted elsewhere in the URL.
Let’s close with a look at the country most plagued by malware, China it the top with 47.09% of infected machines, followed by Turkey (42.88%) and Taiwan (38.98%).
(Security Affairs – Phishing Trends Report for Q4 2016, cybercrime)