Phishing websites up 10 percent in Q1 2014, the U.S. still hosts the majority

Share this article:
The fairly convincing phishing scam is being hosted on a compromised EA Games server.
A large percentage of the world's websites and domain names are hosted in the U.S.

The United States continued to host the majority of phishing websites in the first quarter of 2014, but did not even crack the top 36 when it came to global computer infection rates, according to research from the Anti-Phishing Working Group (APWG).

The number of overall phishing sites observed in the first quarter of 2014 was 125,215, marking a more than 10 percent increase over the final quarter of 2013, during which 111,773 phishing sites were observed, according to the APWG Phishing Activity Trends Report for the first quarter of 2014.

The U.S. hosted more than 40 percent of those sites in each of the first three months of the year, according to the report. The U.S. hosted more than 56 percent of phishing websites in January, but that number dropped a bit following an uptick of sites hosted in Turkey in February and March.

“The U.S. hosts the most phishing sites because a large percentage of the world's websites and domain names are hosted in the United States,” Greg Aaron, president of Illumintel and senior research fellow with APWG, told SCMagazine.com in a Wednesday email correspondence.

John Lacour, founder of PhishLabs, told SCMagazine.com in a Wednesday email correspondence that about 80 percent of phishing sites are hosted on compromised websites, according to PhishLabs data. Lacour said that trend will not change until website security is significantly improved.

The number of brands and legitimate entities targeted in phishing attacks also went up in the first quarter of 2014, jumping to 557 from 525 in the previous quarter, according to the report.

“Criminals [are] attacking new brands,” Aaron said. “Almost any enterprise that takes in personal data via the web is a potential target. While phishing has traditionally targeted banks and money transfer services such as PayPal, we're seeing a wider range of targets getting spoofed, such as Airbnb and grocery store chains.”

Page 1 of 2
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

LEADS Act addresses gov't procedure for requesting data stored abroad

LEADS Act addresses gov't procedure for requesting data ...

Senators introduced the legislation last week as a means of amending the Electronic Communications Privacy Act (ECPA).

Report: Intrustion prevention systems made a comeback in 2013

Report: Intrustion prevention systems made a comeback in ...

A new report indicates that intrusion prevention systems grew 4.2 percent in 2013, with growth predicted to continue.

Mobile device security sacrificed for productivity, study says

Mobile device security sacrificed for productivity, study says

A Ponemon Institute study, sponsored by Raytheon, revealed that employees increasingly use mobile devices for work but cut corners and circumvent security.