April 28, 2012
A new report released by the Anti-Phishing Working Group (APWG) states phishers have been registering more subdomains than regular domain names for the first time.
The report, based on data gathered during the second half of 2011, says 17,390 phishing attacks hosted on subdomain services were detected by the group; coming from 16,664 unique subdomains - a 38% increase from the 12,574 attacks recorded in the first half of 2011.
Some of the uptick in subdomain abuse has been explained as partly due to improvement in top-level domain name registration and security policies; forcing the fraudsters to seek softer targets for acquiring names.
APWG defines subdomain registration services as web hosts that provide subdomain names for use by their clients beneath a name the provider owns. Over 30% of subdomain based phishing attacks detected originated with accounts associated with a single hosting provider in Poland.
APWG also says the .tk (Tokelau) extension continued to have a high phish per ten thousand domains; with a score of score of 12.0 during the period.
.COM had a phishing domains-per-10,000 score of 2.3. The world's most popular extension made up 40% of the phishing domains in APWG's data.
Of the 50,000+ domains used for phishing in the second half of last year, APWG identified 25% as being malicious registrations, with the remaining three-quarters compromised or hacked domains.
Well over half of the world's malicious registrations were made in the .TK TLD and 93% were made in just four TLDs: TK, .COM, .INFO, and .IN.
The analysis identifies a relative handful of stand-out registrars that phishers favor, with five of the top eight registrars located in China - one with a phish per ten thousand domains score of 554.3.
In regard to Australian domain names, 843 phishing attacks from 624 domains were recorded in the second half of 2011. AWG pegs the .AU phishing score at 2.8 per ten thousand domains.
"Global Phishing Survey: Trends and Domain Name Use in 2H2011" can be viewed in full here (PDF)
Have a web site or blog? Get our free domain news widget.
How to register a name: Enter your choice in the search tool and click 'GO'. If after the check the domain names search results show your choice is available, you will then have the option to proceed to purchase registration; which is a very quick and easy process - start a search and find your ideal website address now.