emPower

Phishing URLs at All-Time High

cybercrimeSC Magazine reports that MarkMonitor, an internet fraud and brand-protection vendor, has determined that the number of phishing URLs reached a record high during Q2 2009 with more than 150,000 phishing URLs being established – eclipsing the previous record set during Q1 2007.

According to the researchers, the huge spike was mainly due to phishing attacks that rapidly change DNS records of phishing URLs to avoid shutdown attempts from security vendors or companies whose brands are being spoofed. However, another reason for the spike was the increasing number of phishing attacks mimicking the login pages of social networks – the incidence of phishing attacks posing as social networks increased by 168 percent from Q2 2008 to Q2 2009.

These results are in conflict with the results presented in IBM’s mid-year security report which showed a significant drop-off in phishing attacks. According to that report, IBM’s analysts believe that Trojans are taking the place of phishing in attacks on financial targets (banks, credit unions …).

Interesting timing! Earlier this week, Cosaint rolled out a new security awareness course covering phishing, spear-phishing, and related forms of social engineering that use email as a vector. Let me know if you’d like to take a look.

Like this post? Subscribe to receive updates directly in your inbox.