Anti-Phishing Working Group Report Indicates Phishers Achieving Greater Automation
Anti-Phishing Working Group (APWG) analysts have uncovered disturbing shifts in phishing attacks indicating that hackers are achieving new levels of automation, possibly commanding software tools and BOT nets to vastly increase the potency of their phishing campaigns.
Starting in early October, APWG analysts witnessed massive increases in the amount of phishing sites, most all outside the US, indicating that a new and powerful set of tools might have been deployed recently.
Moreover, the number of sites that are being hosted on what appear to be compromised broadband PC's has risen to more than 50 percent, leading Dan Hubbard, Senior Director of Security and Technology Research at Websense, Inc., to suspect that "some automation was involved with a BOT Network to either send more emails and/or host more sites."
Meanwhile, the number of brands subjected to the largest numbers of phishing attacks rose from four in July to six in October, indicating a broadening of attack subjects, CTO John Thielens of Tumbleweed Communications wrote in the APWG's Phishing Activity for October report.
The APWG, with this report, authored jointly by Websense (R) Security Labs (TM) and Tumbleweed Communications, redrafted its methodology to give greater resolution to the server side of phishing attacks and, at the same time, omitted scoring of the number of attacks against individual brand-holders, referencing only broad verticals.
The full text of the report is available online at: http://www.antiphishing.org/APWG_Phishing_Activity_Report-Oct2004.pdf
Source: press release
Permalink: Anti-Phishing Working Group Report Indicates Phishers Achieving Greater Automation
