CAMBRIDGE, Mass.--(BUSINESS WIRE)--The Anti-Phishing Working Group (APWG) observed more phishing attacks in the first quarter of 2016 than at any other time in history. According to the APWG’s new Phishing Activity Trends Report, the total number of unique phishing websites observed in Q1 2016 was a record 289,371, with 123,555 of those phishing sites detected in March 2016.
Those quarterly and monthly totals are the highest the APWG has seen since it began tracking and reporting on phishing in 2004.
There was a 250 percent increase in phishing sites between October 2015 and March 2016. “We always see a surge in phishing during the holiday season, but the number of phishing sites kept going up from December into the spring of 2016,” said Greg Aaron, APWG Senior Research Fellow and Vice-President of iThreat Cyber Group. “The sustained increase into 2016 shows phishers launching more sites, and is cause for concern.”
The full text of the report is available here: http://docs.apwg.org/reports/apwg_trends_report_q1_2016.pdf
APWG Chairman Dave Jevans said, “Globally, attackers using phishing techniques have become more aggressive in 2016 with keyloggers that have sophisticated tracking components to target specific information and organizations such as retailers and financial institutions that top the list.”
On the heels of this report of record numbers of cybercrime attacks, APWG will be holding its annual general meeting and cybercrime research conference next week in Toronto. There, its global cadre of cybercrime responders, managers and university researchers will be plotting strategies to neutralize the menace of cybercrime, a sprawling threatscape growing seemingly unchecked in scope and virulence in recent years.
Working Agenda:
http://apwg.org/apwg-events/ecrime2016/agenda
Registration
http://apwg.org/apwg-events/ecrime2016/registration
Venue and Accommodations
http://apwg.org/apwg-events/ecrime2016/venue
In the Q1 Trends Report, APWG found that the Retail / Service sector continued to be the most heavily attacked. APWG member MarkMonitor observed more attacks targeting cloud-based or SAAS companies, which drove significant increases in the Retail/Service sector. Financial and Payment targets were also heavily targeted as usual.
Ransomware continues to be another increasing threat, with APWG members Forcepoint and PandaLabs seeing increasing numbers of ransomware infections in early 2016. According to Carl Leonard, Principal Security Analyst at Forcepoint: “The onslaught of ransomware has not abated in 2016. Ransomware authors exhibited a willingness to adjust their scare tactics and software in Q1 2016 as they sought to scam more end-users. The takeaway is clear – ransomware authors are more determined and aggressive in 2016. End-users should be aware of the danger and take preventative measures.”
APWG co-founder and Secretary General Peter Cassidy reviewing the quarter’s disturbing numbers said, “The threat space continues to expand despite the best efforts of industry, government and law enforcement. It’s clear we have a lot to talk about in Toronto, perhaps broaching some broader resolutions to unify efforts across sectors. After all, what is civilization but the largest conspiracy?”
The full text of the report is available here: http://docs.apwg.org/reports/apwg_trends_report_q1_2016.pdf
About the APWG
The APWG, founded in 2003 as the Anti-Phishing Working Group, is a global industry, law enforcement, and government coalition of more than 1,800 institutions working to unify the global response to electronic crime. Since 2004, the APWG has developed and curated one of the world’s largest NGO-managed clearinghouses of cybercrime event data enabling the sharing of this data to protect consumers and businesses alike. APWG’s directors, managers and research fellows advise and correspond with national governments; global governance bodies like the Organisation for Economic Co-operation and Development, International Telecommunications Union and ICANN; hemispheric and global trade groups; and multilateral treaty organizations such as the European Commission, the G8 High Technology Crime Subgroup, Council of Europe's Convention on Cybercrime, United Nations Office of Drugs and Crime, Organization for Security and Cooperation in Europe, Europol EC3 and the Organization of American States. APWG is a member of the steering group of the Commonwealth Cybercrime Initiative at the Commonwealth of Nations. Membership is open to qualified financial institutions, online retailers, ISPs and Telcos, the law enforcement community, solutions providers, multi-lateral treaty organizations, research centers, trade associations and government agencies. The APWG's <www.apwg.org> and <education.apwg.org> websites offer the public, industry and government agencies practical information about phishing and electronically mediated fraud as well as pointers to pragmatic technical solutions that provide immediate protection. APWG is co-founder and co-manager of the STOP. THINK. CONNECT. Messaging Convention, the global online safety public awareness collaborative <https://education.apwg.org/safety-messaging-convention/> and founder/curator of the eCrime Researchers Summit, the world’s first peer-reviewed conference dedicated specifically to electronic crime studies <www.ecrimeresearch.org>. Among APWG's corporate sponsors include: AhnLab, Area 1, AT&T (T), Afilias Ltd., Avast!, AVG Technologies, Axur, Baidu Antivirus, Bangkok Bank, BBN Technologies, Barracuda Networks, BillMeLater, Bkav, Blue Coat, BrandMail, BrandProtect, Bsecure Technologies, CSC Digital Brand Services, Check Point Software Technologies, Claro, Cloudmark, Comcast, CSIRTBANELCO, Cyber Defender, Cyveillance, DNS Belgium, DigiCert, Domain Tools, Donuts, Easy Solutions, PayPal, eCert, EC Cert, ESET, EST Soft, Facebook, FeelSafe Digital, FEBRABAN, Fortinet, FraudWatch International, F-Secure, GetResponse, GlobalSign, GoDaddy, Google, GroupIB, Hauri, Hitachi Systems, Ltd., Huawei, ICANN, Infoblox, IronPort (Cisco), ING Bank, Infoblox, Interac, Internet.bs, IT Matrix, iThreat Cyber Group, iZOOlogic, LaCaixa, Lenos Software, MX Tools, MailChannels, MailJet, MailChimp, MailShell, MarkMonitor, M86Security, McAfee (MFE), Melbourne IT, MessageLevel, Microsoft (MSFT), MicroWorld, Mimecast, Mirapoint, NHN, MyPW, nProtect Online Security, Netcraft, Network Solutions, NeuStar, Nominet, Nominum, NZRS Limited, Public Interest Registry, Panda Software, Phishlabs, PhishMe, Planty.net, Prevalent, Prevx, Proofpoint, QinetiQ, RSA Security (EMC), Rakuten, Return Path, RiskIQ, RuleSpace, SalesForce, SecureBrain, SendGrid, S21sec, SIDN, SilverPop, SiteLock, SnoopWall, SoftForum, SoftLayer, SoftSecurity, SOPHOS, SunTrust, SurfControl, Symantec (SYMC), Tagged, TDS Telecom, Telefonica (TEF), TransCreditBank, Trend Micro (TMIC), Trustwave, Vasco (VDSI), VADE-RETRO, VeriSign (VRSN), Wombat Security Technologies, Yahoo! (YHOO), and zvelo.
