Phishers exploiting cheaper domain registrations


21 Aug 2007

Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Pin on PinterestShare on RedditEmail this to someone

Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Pin on PinterestShare on RedditEmail this to someone

Spoofed websites are typically live for less than seven days, internet security firm Trend Micro has revealed.

The use of unclassified URLs is the primary method by which phishers lure victims into giving away their personal data, the company’s research arm TrendLabs found during July.

It said the ease of obtaining an online presence due to cheaper domain registration rates was partially to blame for the continued prevalence of phishing sites, and suggested that phishing attempts are likely to increase.

The introduction of phishing kits into the underground markets is also estimated to lead to a growth in phishing activity online. Ever-more sophisticated techniques involving social engineering targeted at smaller, more regional establishments are emerging, with targeted phishing showing an increase in the past six months.

The use of unclassified URLs was the most common phishing method for the first half of 2007, used in 56pc of phishing attacks.

The top ten companies whose websites were spoofed by phishers during the past six months are: eBay; Paypal; Bank of America; Wachovia; Fifth Third Bank; BB&T; Poste Italiane; Sparkasse; Regions Bank; and VolksBank.

The list shows that phishing attempts are now targeted at smaller, regional banks.

TrendLabs also reported a phishing attack on Ulster Bank this month.

By Niall Byrne