Dear all,

The Anti-Phishing Working Group (APWG) has just released an updated Global Phishing Survey report. See below and attached for details!

Kind regards,

Gabi

------ Forwarded Message
From: Rod Rasmussen <rod.rasmussen@internetidentity.com>
Date: Thu, 22 Oct 2009 14:09:12 -0700
To: Chris Disspain <ceo@auda.org.au>, Gabriella Schittek <gabriella.schittek@icann.org>
Subject: Brand New APWG report on worldwide phishing - breakdowns by TLD including malicious registrations and Avalanche

I wanted to let you know that we have just released an update to our Global Phishing Survey in conjunction with the APWG meeting this week.  Of particular note are phishing attacks by the Avalanche group that are concentrating efforts on particular registrars and TLDs, including several ccTLDs, and represent nearly a quarter of all phishing attacks this year.

Highlights of the study include:

* Phishing attack and uptime statistics for all TLDs.
* Statistics for domain name registrations made by phishers, versus phish on compromised (hacked) web servers used by innocent registrants
* The average uptime of all phishing attacks was noticeably shorter than in 2008.
* The amount of Internet domain names and numbers used for phishing has remained fairly steady over the past two years.
* One criminal operation known as "Avalanche" is now responsible for a quarter of the phishing attacks in the world.
* The great majority of phishing is concentrated in just a few namespaces.
* The unique characteristics of IDNs are not being used to facilitate phishing, and there are factors that may perpetuate this trend in the future.  We found only one homographic attack so far this year.

Best Regards and Cheers!

Rod

Rod Rasmussen
President and CTO, Internet Identity
Co-Chair, APWG Internet Policy Committee
1 (253) 590-4088
1 (253) 297-0377 (mobile)
rod.rasmussen@internetidentity.com



------ End of Forwarded Message