Phishing websites up 10 percent in Q1 2014, the U.S. still hosts the majority

Share this article:
The fairly convincing phishing scam is being hosted on a compromised EA Games server.
A large percentage of the world's websites and domain names are hosted in the U.S.

The United States continued to host the majority of phishing websites in the first quarter of 2014, but did not even crack the top 36 when it came to global computer infection rates, according to research from the Anti-Phishing Working Group (APWG).

The number of overall phishing sites observed in the first quarter of 2014 was 125,215, marking a more than 10 percent increase over the final quarter of 2013, during which 111,773 phishing sites were observed, according to the APWG Phishing Activity Trends Report for the first quarter of 2014.

The U.S. hosted more than 40 percent of those sites in each of the first three months of the year, according to the report. The U.S. hosted more than 56 percent of phishing websites in January, but that number dropped a bit following an uptick of sites hosted in Turkey in February and March.

“The U.S. hosts the most phishing sites because a large percentage of the world's websites and domain names are hosted in the United States,” Greg Aaron, president of Illumintel and senior research fellow with APWG, told SCMagazine.com in a Wednesday email correspondence.

John Lacour, founder of PhishLabs, told SCMagazine.com in a Wednesday email correspondence that about 80 percent of phishing sites are hosted on compromised websites, according to PhishLabs data. Lacour said that trend will not change until website security is significantly improved.

The number of brands and legitimate entities targeted in phishing attacks also went up in the first quarter of 2014, jumping to 557 from 525 in the previous quarter, according to the report.

“Criminals [are] attacking new brands,” Aaron said. “Almost any enterprise that takes in personal data via the web is a potential target. While phishing has traditionally targeted banks and money transfer services such as PayPal, we're seeing a wider range of targets getting spoofed, such as Airbnb and grocery store chains.”

Page 1 of 2
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Reported breaches involving zero-day bug at JPMorgan Chase, other banks

Reported breaches involving zero-day bug at JPMorgan Chase, ...

Hackers exploited a zero-day vulnerability and gained access to sensitive information from JPMorgan Chase and at least four other financial institutions, reports indicate.

Data on 97K Bugzilla users posted online for about three months

During a migration of the testing server for test builds of Bugzilla software, data on about 97,000 Bugzilla users was inadvertently posted publicly online.

Chinese national had access to data on 5M Arizona drivers, possible breach ...

Although Lizhong Fan left the U.S. in 2007, the agencies responsible for giving him access to Americans' personal information have yet to disclose the details of the case to the public.