Subscribe for the latest Brand Protection info in your inbox

Your email:

Follow Us!


Current Articles | RSS Feed RSS Feed

Phishing 2013: What We Learned at APWG’s Annual Conference


phishing 2013 finalCybercrime is expanding and the phishers are developing new techniques to bypass the latest online security. From web browsers on video game consoles, to mass text messaging, to mobile browsing, e-criminals are seeking new opportunities to acquire your customers’ financial identities. 

Thanks to partnerships with organizations like the APWG we are all stronger and better equipped to disable these malicious attacks. BrandProtect remains ahead of the curve by understanding and predicting cybercrime trends, and phishing techniques while cross referencing that data with other industry leaders. 

5 highlights from APWG’s Global Phishing Survey: Trends and Domain Name Use 

1. Vulnerable hosting providers are inadvertently contributing to phishing. Mass compromises led to 27 percent of all phishing attacks 

2. Phishing continues to explode in China where the expanding middle class are using e-commerce more often.

  • Chinese phishers prefer to register domains more than other e-criminals.
  • The Major targets are, ICBC, CCTV, ZJSTV and Tencent.
  • Chinese phishers registered 450 additional to attack internationally,  mainly posing as gaming sites for, Runescape and World of Warcraft.  

3. The number of phishing targets (brands) is up, indicating that e-criminals are spending time looking for new opportunities. APWG counted 720 unique target institutions in the first half of 2013, a significant increase from the 611 found during the second half of 2012. 

  • Top 80 targets were attacked 100 or more times each
  • Half the the targets were attacked one to three times 

4. Phishers continue to take advantage of inattentive or indifferent domain name registrars, registries, and subdomain resellers. The number of top-level registries is poised to quintuple over the next two years. 

  • The top 3 phishing TLDs are Palau [ .pw ], Nepal [ .np ] and Thiland [ .th ]             
  • Thailand’s .TH continues to rank highly due to compromised government and university Web servers.  

5. The average and median uptimes of phishing attacks are climbing. 

  • Median uptimes have increased from 26 hours (2H2012) to 44 hours (1H2013)
  • First day of a phishing attack is the most lucrative for the phisher. Quick takedowns are essential.

The full text of the report is available here:


“The first half of 2013 saw a shift from traditional web-based phishing to a more modern threat landscape – more malware, specifically more mobile malware, more social engineering attacks, more social media based ID Theft attacks, and more spear phishing.” Said Dylan Sachs, Director, Incident Response of BrandProtect.  “We don’t anticipate similar year-over-year growth in the traditional phishing space, but mobile malware and social media-based risk are expected to continue to grow over the next 12-24 months, as financial institutions persistently and aggressively target phishing and the perpetrators look for other, more profitable ventures.” 

About Anti-Phishing Working Group

BrandProtect is an active participant in the Anti-Phishing Working Group (APWG), the global pan-industrial and law enforcement association focused on eliminating fraud and identity theft that result from phishing, pharming, and email spoofing of all types. We provide phish detection and verification services for APWG and its 2000+ members, which helps to better secure the internet and protect consumer’s personal information.




Like this article? Subscribe to our blog





There are no comments on this article.
Comments have been closed for this article.