Majority Of Domain Names Used By Phishers Are Legitimate

The majority (81%) of domain names used for phishing are legitimate domains that have been hacked, according to a new report from the Anti-Phishing Working Group (APWG).

Among 30,454 phishing domains, only 5,991 domain names (18.5%) were registered by phishers. The rest of the small percentage of the domains used in phishing belonged to subdomain resellers such as ISPs and other online services.
"Phishing most often takes place on compromised Web servers, where the phishers place their phishing pages unbeknownst to the site operators,"" says APWG.
"This method gains the phishers free hosting, and complicates take-down efforts because suspending a domain name or hosting account also disables the resolution of the legitimate user's site. Phishing on a compromised Web site typically takes place on a subdomain or in a subdirectory, where the phish is not easily noticed by the site's operator or visitors."
http://www.securitypronews.com/insiderreports/insider/spn-49-20090528MajorityOfDomainNamesUsedByPhishersAreLegitimate.html

DKD DomainNews

Domain Name News, The Domain Industry News, ICANN News, Registry News, Domainer News, Domain

Newsletter

Lasted posts on our Forum

Last News