Last visit was: Sat Jul 05, 2014 12:41 pm
It is currently Sat Jul 05, 2014 12:41 pm

APWG Report Cites ‘Avalanche’ of Phishing


All times are UTC - 5 hours [ DST ]


 [ 3 posts ] 
Author Message
 PostPosted: Sun May 16, 2010 8:48 am   
Spammers' Nightmare
User avatar

Joined: Thu Apr 05, 2007 4:10 pm
Posts: 2777
APWG just had a recent eCrime meeting in Brazil this past week (May 2010).

APWG's report in PDF format.

Below was the biggest headline from the conference that I found online (sample story):

APWG Report Cites ‘Avalanche’ of Phishing

Quote:
Two-thirds of all phishing attacks detected worldwide in the second half of last year can be traced to a single electronic crime syndicate, according to a new report. ...


Top
 Profile  
 PostPosted: Sun May 16, 2010 10:21 am   
You are kiillllling-a my bizinisss!
User avatar

Joined: Thu Mar 01, 2007 3:01 am
Posts: 5915
Wow, lots of meat in that report for us to chew on. I haven't finished reading, but the summary is promising already:

Quote:
1. The Avalanche phishing gang was responsible for two-thirds of all phishing attacks launched in 2H2009. (Page 5) Avalanche successfully targeted vulnerable or non-responsive domain name registrars and registries. However, Avalanche changed its activities significantly in November 2009, and as of this writing has a different modus operandi and greatly reduced scale. (Page 9)
2. In 2H2009, the average uptime of all phishing attacks continued to drop from previous periods. (Page 11) Some of this improvement is due to the attention that Avalanche phishing received from the response community. The average uptime for Avalanche domains was less than half of that for non-Avalanche domains. Unfortunately, non-Avalanche phish stayed up noticeably longer in 2H2009 than they did in 1H2009.
3. The amount of Internet domain names and numbers used for phishing has remained fairly steady over the past two-and-one-half years, a period in which the number of registered domain names in the world has grown. (Page 15)
4. The great majority of phishing continued to be concentrated in certain namespaces -- just five top-level domains (TLDs). (Page 15)
5. Phishers are not leveraging the unique characteristics of internationalized domain names (IDNs), and there are factors that may perpetuate this trend in the future. (Page 19)
6. Phishers continue to use subdomain services to host and manage phishing sites. Phishers use such services as often as they register domain names. This activity shows phishers using services that cannot be taken down by domain registrars or registry operators, in the hopes of extending uptimes of attacks. (Page 20)


"Subdomain services" would be the "Hosters" that Red keeps on top of.


Top
 Profile  
 PostPosted: Sun May 16, 2010 8:49 pm   
You are kiillllling-a my bizinisss!
User avatar

Joined: Tue Jun 27, 2006 2:01 am
Posts: 9227
AlphaCentauri wrote:
Wow, lots of meat in that report for us to chew on. .....
Quote:
6. Phishers continue to use subdomain services to host and manage phishing sites. Phishers use such services as often as they register domain names. This activity shows phishers using services that cannot be taken down by domain registrars or registry operators, in the hopes of extending uptimes of attacks. (Page 20)


"Subdomain services" would be the "Hosters" that Red keeps on top of.


Fascinating reading.
Yes, I see in their hoster lists my old favorites who shut down the bad guys immediately, like
    pochta.ru
    nextmail.ru
    110mb.com
    t35.com


Top
 Profile WWW  
 [ 3 posts ] 

All times are UTC - 5 hours [ DST ]


Who is online

Users browsing this forum: Wayback machine and 0 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  


Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
Style originally created by Volize © 2003 • Redesigned SkyLine by MartectX © 2008