Analyses reveal most phishing occurs on domains registered by phishers, for phishing
HOPKINTON, MA, UNITED STATES, September 23, 2021 /EINPresswire.com/ — Interisle Consulting Group today announced the publication of an industry report, Phishing Landscape 2021, An Annual Study of the Scope and Distribution of Phishing. The study, which analyzes nearly 1.5 million phishing reports representing 700,000 phishing attacks, shows that phishing increased by nearly 70% over the period 1 May 2020 through 30 April 2021.
Phishing continues to pose a significant threat to millions of Internet users. Among the major findings in the study, Interisle reports that:
• Most phishing is concentrated at small numbers of domain registrars, domain registries, and hosting providers. 69% of the domains used for phishing were registered in 10 Top-level Domains and 69% were registered through just 10 registrars.
• Phishing attacks are disproportionately concentrated in new gTLDs. While the new TLDs’ market share decreased during our yearly reporting period, phishing among the new TLDs has increased.
• Phishing domain registrations in some TLDs are dominated by a small number of registrars. In some cases, 90% or more of the malicious domains in a TLD were registered through one gTLD registrar.
• 41% of all phishing attacks occurred at just ten hosting providers. We identified 4,110 hosting networks (ASNs) where phishing web sites were reported. 28% of all phishing attacks occurred on just four hosting networks.
• Phishers targeted 1,804 businesses or organizations during the 1 May 2020 to 30 April 2021 period. The top 10 brands targeted accounted for 46% of the phishing attacks associated with specific brands.
• When phishers register domains, they tend to use them quickly. 57% of domains reported for phishing were used within 14 days following registration and more than half of those were used within 48 hours.
Greg Aaron, Interisle associate and contributing analyst of the study, said: “The data shows us that phishing remains a common, ever-present threat to millions of Internet users. The data also shows us that there’s more phishing going on than most observers see, and that criminals are finding success with their attacks.”
The study also reports that most phishing occurs on domains registered by phishers, for phishing attacks. Interisle determined that 65% of domains associated with phishing attacks were intentially (“maliciously”) registered domains.
According to Dave Piscitello, Interisle partner and co-author, “We distinguished phishing domains as maliciously registered or as hosted on compromised assets to make clear how phishers acquired resources. We found that phishers used malicious registrations more frequently than compromised assets. Clearly, dealing with these proactively would be most helpful; for example, registry operators and registrars could use the methods that investigators use to suspend probable phishing domains before they can victimize users and brands.”
The full text of Interisle’s report is available at http://interisle.net/PhishingLandscape2021.html.
About Interisle Consulting Group:
Interisle’s principal consultants and associates are experienced practitioners with extensive track records in industry and academia and world-class expertise in business and technology strategy, Internet technologies and governance, financial industry applications, and software design.
Interisle is engaged in a long-term effort to collect and analyze data on the way in which criminals abuse the Internet and its users, so that Internet policy development can be informed by reliable and reproducible intelligence based on data rather than anecdotes. As part of this effort, Interisle publishes quarterly phishing activity reports at the Cybercrime Information Center, https://cybercrimeinfocenter.org/phishing-activity.
For more about Interisle, please visit: http://www.interisle.net.
For media inquiries related to Interisle, please contact the Interisle partners at email@example.com.
Interisle Consulting Group