Digital Transactions Authoritative, insightful and timely information for payments professionals
The number of unique Web sites hosting phishing attacks, a figure that has been increasing sharply in recent months, took another huge upturn in April, according to the latest statistics from the Anti-Phishing Working Group. The population of such sites jumped 15% last month, to 11,121, the APWG's April report, released this week, says. The group, a consortium of security vendors, payments networks, and law-enforcement agencies that has been tracking phishing trends since the fall of 2003, called this “a monumental increase…from March and the highest ever recorded by the APWG.” Just as ominous, the group's April report says the number of sites hosting so-called keyloggers and other malicious code used by online fraudsters also shot up, to 2,683 from 2,157 in March, a 24% climb. This, too, represents a record monthly number in the time the APWG has been tracking online crimeware. Among the bright spots in the report was the decline in phishing blasts, or unique waves of e-mails launched by phishing fraudsters. These fell to 17,490 from a record 18,480 in March. The April number, however, ranks as the third highest reported by the APWG. A single e-mail blast might comprise hundreds of thousands of messages. At the same time, the group says the number of unique applications of password-stealing malware it detected in April also dropped, to 180 from the record 197 found in March. This code is especially pernicious, the group's report says, because “unlike most generic keyloggers, phishing-based keyloggers have tracking components which attempt to monitor specific actions (and specific organizations, most importantly financial institutions and online retailers and e-commerce merchants) in order to target specific information…” The average uptime for a phishing site in April was five days, the report says. The longest time online was 31 days. Phishing involves the use by criminals of e-mail messages sent to online consumers that use the logos, slogans, and other indicia of trusted brands to dupe recipients into visiting bogus Web sites to enter passwords, PINs, and other data the fraudsters can use to loot accounts. In some cases, malware, or malicious code, installed by the fraudsters automatically redirects unwary users to such sites, even when they type in the addresses of legitimate sites, such as banks or other financial-services firms.
