Phishers are no longer engaged in cybersquatting
According to the research of the anti-phishing workgroup, the number of domains occupied by cybersquatters and used for the purpose of phishing is rapidly falling. Only 2% of phishing attacks come from cybersquatting domains.
In the report of the working group for the first half of 2012, 64204 phishing domains were investigated. Of these, only 7712 (12%) were registered by the fraudsters themselves. All others belonged to innocent third parties. In the second half of 2011, 12895 domains belonging to phishers were noticed, and in the first half of 2011 - 14,650 names.
The majority (66%) of the domains occupied by fraudsters focused on the deception of Chinese users.
')
The .TK zone is recognized as the most dangerous domain zone in which there is a possibility of free registration of a second-level domain. More than half of phishing sites located in this area.
Somewhat unexpected was the fact that only 1350 domains (2%) contained a brand name (cybersquatting) or a brand name with a typo (typsquatting). This is almost two times less than the 2322 such domains, noted in the second half of 2011.
According to the working group, fraudsters have changed their strategy and do not act by such straightforward methods as before. On the one hand, brand protection technologies have improved, and large companies are constantly checking the Internet for cybersquatter domains. On the other hand, phishers, as a rule, choose discreet domain names that may not cause the user suspicion. The phishing domain name can be anything at all, and brand names are usually placed in the name of a subdomain or directory.
Fraudsters usually place links to their sites somewhere on the Internet with the expectation that an inattentive user will not pay attention to the “base” of the address - the domain name.
In the report of the working group for the first half of 2012, 64204 phishing domains were investigated. Of these, only 7712 (12%) were registered by the fraudsters themselves. All others belonged to innocent third parties. In the second half of 2011, 12895 domains belonging to phishers were noticed, and in the first half of 2011 - 14,650 names.
The majority (66%) of the domains occupied by fraudsters focused on the deception of Chinese users.
')
The .TK zone is recognized as the most dangerous domain zone in which there is a possibility of free registration of a second-level domain. More than half of phishing sites located in this area.
Somewhat unexpected was the fact that only 1350 domains (2%) contained a brand name (cybersquatting) or a brand name with a typo (typsquatting). This is almost two times less than the 2322 such domains, noted in the second half of 2011.
According to the working group, fraudsters have changed their strategy and do not act by such straightforward methods as before. On the one hand, brand protection technologies have improved, and large companies are constantly checking the Internet for cybersquatter domains. On the other hand, phishers, as a rule, choose discreet domain names that may not cause the user suspicion. The phishing domain name can be anything at all, and brand names are usually placed in the name of a subdomain or directory.
Fraudsters usually place links to their sites somewhere on the Internet with the expectation that an inattentive user will not pay attention to the “base” of the address - the domain name.
Source: https://habr.com/ru/post/156171/
All Articles