October 26, 2012 at 00:14Phishers no longer do cybersquatting
According to research by the anti-phishing working group, the number of domains occupied by cybersquatters and used for phishing purposes is rapidly declining. Only 2% of phishing attacks come from cybersquatter domains.
The report of the working group for the first half of 2012 examined 64,204 phishing domains. Of these, only 7712 (12%) were registered by scammers themselves. All the rest belonged to innocent third parties. In the second half of 2011, 12895 domains belonging to phishers were noticed, and in the first half of 2011 - 14650 names.
Most (66%) of the domains occupied by scammers focused on deception of Chinese users.
The most dangerous domain zone is the .TK zone, in which there is the possibility of free registration of a second-level domain. More than half of phishing sites are located in this area.
Somewhat unexpected was the fact that only 1350 domains (2%) contained the brand name (cybersquatting) or the brand name with a typo (typosquatting). This is almost two times less than 2322 such domains noted in the second half of 2011.
According to the working group, fraudsters have changed their strategy and do not act in such straightforward methods as before. On the one hand, brand protection technologies have improved, and large companies are constantly checking the Internet for cybersquatter domains. On the other hand, phishers, as a rule, choose discreet domain names, which may not arouse suspicion in the user. The phishing domain name can be anything at all, and brand names are usually placed in the name of a subdomain or directory.
Fraudsters usually place links to their sites somewhere on the Internet in the hope that an inattentive user will not pay attention to the “basis” of the address - the domain name.
The report of the working group for the first half of 2012 examined 64,204 phishing domains. Of these, only 7712 (12%) were registered by scammers themselves. All the rest belonged to innocent third parties. In the second half of 2011, 12895 domains belonging to phishers were noticed, and in the first half of 2011 - 14650 names.
Most (66%) of the domains occupied by scammers focused on deception of Chinese users.
The most dangerous domain zone is the .TK zone, in which there is the possibility of free registration of a second-level domain. More than half of phishing sites are located in this area.
Somewhat unexpected was the fact that only 1350 domains (2%) contained the brand name (cybersquatting) or the brand name with a typo (typosquatting). This is almost two times less than 2322 such domains noted in the second half of 2011.
According to the working group, fraudsters have changed their strategy and do not act in such straightforward methods as before. On the one hand, brand protection technologies have improved, and large companies are constantly checking the Internet for cybersquatter domains. On the other hand, phishers, as a rule, choose discreet domain names, which may not arouse suspicion in the user. The phishing domain name can be anything at all, and brand names are usually placed in the name of a subdomain or directory.
Fraudsters usually place links to their sites somewhere on the Internet in the hope that an inattentive user will not pay attention to the “basis” of the address - the domain name.