Surprisingly, the number of phishing sites (the classic scam whereby a fraudulent website disguised as a legitimate one is used to obtain personal information, such as logins and passwords) fell in the last quarter of 2018. According to the APWG (Anti-Phishing Working Group) Phishing Activity Trends Report, published in collaboration with Axur and other partner companies, 138,328 sites were detected during this period. This number shows a sharp drop compared to the first quarter of last year, when 263,538 phishing sites were detected.
However, when considering additional information presented by partner companies in the report, this drop isn’t such a big surprise: Cybercriminals hide many of these scams by including several redirect pages before the landing page. And here at Axur we have observed the scam market to be moving full speed ahead with the sale of spoofed sites on the deep and dark web — in November, we found some particularly special “offers” for Black Friday.
In summary, here are some of the other trends mentioned in the report:
- Phishing sites in the SaaS (Software as a Service) and Webmail sectors grew from 20.1% of attacks in the third quarter of 2018 to 29.8% in the fourth quarter. The payments sector continues to be the most affected with 33% of attacks, while the financial services sector accounts for 14.3% of attacks.
- The number of phishing sites using HTTPS (the encryption protocol that lends an air of security) decreased for the first time, falling three percentage points from nearly 50% of sites to about 47%.
- Domains continue to be predominantly gTLDs (generic top-level domains, including .com, .org, and others), jumping from 49.5% in the previous report to 56.4% in the current one.
Scams detected by Axur
Axur’s Threat Intelligence Discovery team also participated in the report with findings on the deep and dark web. During the week of Black Friday sales in November we came across a variety of phishing kits for sale:
And the list of criminal opportunity doesn’t end there: Also for sale are “green lock active” templates, “bulletproof hosting” that ignores requests for the site to be taken down, and even loading templates that will only go away when the victim is contacted by the phisher (also known as “social engineering”).
At Axur, our crawler bots scan for threats on the internet. With the help of artificial intelligence, we remove phishing sites and other scams with our solution. And, with our Threat Intelligence solution we uncover all the threats mentioned above (and more!). Count on us to make the internet more secure.
Download the full report
A journalist working as Content Creator at Axur, in charge of Deep Space and press activities. I have also analyzed lots of data and frauds here as a Brand Protection team member. Summing up: working with technology, information and knowledge together is one of my biggest passions!