IBM X-Force says that 92 per cent of last week's new phishing websites were kit-based!
Last week, the IBM X-Force research and development team identified 3,544 new phishing websites. The X-Force research team has new analytical engines in place that can now positively identify sites that run a phishing kit. These show that 3,256 of those phishing websites were associated with phishing kits.
Drilling down into the data reveals that those phishing kit sites tied back to 100 registered domains (compared to the 288 non-kit phishing websites, which made use of 276 registered domains). The majority of these domains (44 per cent) were registered under the .HK ccTLD (country code top-level domain).
This data represents a single week's worth of phishing attacks, but it nevertheless clearly shows that the use of phishing kits (with their multiple sites hosted on a single server) greatly inflates the total number of phishing sites commonly reported each week, and that this number does not adequately reflect the number of hosts actually involved in a phishing scam.
Differentiating between hosts that are running phishing kits and those that are not is thus important for risk evaluation, response and law enforcement.
Taken from Information Security Bulletin.