APWG Report: Numbers of Brands Targeted by Cybercrime Gangs Sustain Record High in February and March

Number of unique phishing sites detected in a month, reached a record high in February

The APWG's Fall Conference and Research Summit advances the global counter-cybercrime agenda, this October 22-25 in Puerto Rico. (Graphic: Business Wire)

CAMBRIDGE, Mass.--()--The APWG reports in its Q1 2012 Phishing Activity Trends Report released this week that the number of brands targeting by phishing attacks sustained an all-time high of 382 in February and March of this year, while cybercrime gangs deployed a record number of phishing websites during the same quarter.

APWG Secretary General Peter Cassidy said, “The reach and ambition of cybercrime gangs advances apace today, a decade on from when the first phishing attacks were reported. In the first quarter of the year, reports received by the APWG indicate new record highs in the numbers of attacks on identifiable brands, the numbers of phishing websites to lure Web users - and in the proportion of malware executables comprised of advanced Trojans for cybercrime.”

The APWG reports that February and March 2012 sustained an all-time high of 392 brands targeted by phishers. This was an 8 percent increase from the previous all-time high of 362, recorded in December 2011. The previous high before December was 356, reached in October 2009.

Meanwhile, the number of unique phishing sites detected in a single month by the APWG reached 56,859 in February, which was an all-time high. The February figure eclipsed the previous record high of 56,362, which was recorded in August 2009, by almost 1 percent.

In the first three months of 2012, PandaLabs identified more than six million unique malware samples. Most of the infections were caused by Trojans (80 percent of all new malware samples), setting a new record high. According to Luis Corrons, PandaLabs Technical Director and APWG Trends Report contributing analyst, “This demonstrates that massive worm epidemics have become a thing of the past, and have been replaced by a silent Trojan invasion.”

“Phishing measurements are up across the board, with one of the biggest increases we have ever seen in a single quarter,” said Ihab Shraim, CISO and VP, AntiFraud Operations and Engineering, MarkMonitor. “[W]e also observed the payment services category returning to its position as the second-most-popular phishing sector and large increases in activity in the social networking, ISP, and government sectors, too.”

Carl Leonard of Websense Security Labs said, “This quarter, we saw an interesting scam using a pdf attachment as a lure to capture personally identifiable information. The information in that pdf file was a faked signed document from a popular global banking institution.”

The full text of the report is available here: http://apwg.org/reports/apwg_trends_report_q1_2012.pdf

These and other findings will be discussed at the APWG Fall Conference and Research Summit this October 22-25 in Puerto Rico. Details can be found here: http://apwg.org/events/2012_ecrime.html

Highlights of the Q1, 2012 report include:

  • During the quarter, USA remained the top nation for hosting phishing-based Trojans, and Azerbaijan cracked the top 10 for the first time ever, in March 2012
  • The average number of infected PCs across the globe stands at 35.51 percent, which is more than three percentage points lower than in 2011
  • China continues to be the most affected country (with 54.10 percent of infected PCs), and remains the only country with an infection ratio over 50 percent
  • Brand-Domain Pairs Measurement is up across the board with one of the biggest increases ever seen in a single quarter
  • In the first three months of 2012, more than six million unique malware samples were identified
  • Financial Services continued to be the most-targeted industry sector in the first quarter of 2012
  • Sweden set a new hygienic record with the lowest percentage of PCs infected by malware, with less than 18 percent of its computers so affected

About the APWG

The APWG, founded in 2003 as the Anti-Phishing Working Group, is the global industry, law enforcement, and government coalition focused on unifying the global response to electronic crime. Membership is open to qualified financial institutions, online retailers, ISPs and Telcos, the law enforcement community, solutions providers, multi-lateral treaty organizations, research centers, trade associations and government agencies. There are more than 2,000 companies, government agencies and NGOs participating in the APWG worldwide. The APWG's <www.apwg.org> and <education.apwg.org≥ websites offer the public, industry and government agencies practical information about phishing and electronically mediated fraud as well as pointers to pragmatic technical solutions that provide immediate protection. The APWG is co-founder and co-manager of the Stop. Think. Connect. Messaging Convention, the global online safety public awareness collaborative <www.stopthinkconnect.org> and founder/curator of the eCrime Researchers Summit, the world’s only peer-reviewed conference dedicated specifically to electronic crime studies <www.ecrimeresearch.org>.

Among APWG's corporate sponsors are as follows: Afilias Ltd., AhnLab, AT&T(T), Avast!, AVG Technologies, BBN Technologies, Barracuda Networks, BillMeLater, Bkav, Booz Allen Hamilton, Blue Coat, BrandMail, BrandProtect, Bsecure Technologies, Check Point Software Technologies, Comcast, CSIRTBANELCO, Cyber Defender, Cyveillance, Domain Tools, Easy Solutions, eBay/PayPal (EBAY), eCert, EC Cert, ESET, EST Soft, Facebook, Fortinet, FraudWatch International, F-Secure, GlobalSign, GoDaddy, Google, GroupIB, Hauri, Hitachi Systems, Ltd., Huawei Symantec, ICANN, Iconix, IID, IronPort, ING Bank, Intuit, IT Matrix, Kindsight, LaCaixa, Lenos Software, MailShell, MarkMonitor, M86Security, McAfee (MFE), Melbourne IT, MessageLevel, Microsoft (MSFT), MicroWorld, Mirapoint, MyPW, nProtect Online Security, Netcraft, Network Solutions, NeuStar, Nominet, Nominum, Public Interest Registry, Panda Software, Phishlabs, Phishme.com, Phorm, Planty.net, Prevx, Proofpoint, QinetiQ, Return Path, RSA Security (EMC), RuleSpace, SAIC (From Science to Solutions), SalesForce, SecureBrain, S21sec, SIDN, SoftForum, SoftLayer, SoftSecurity, SOPHOS, SunTrust, SurfControl, Symantec (SYMC), Tagged, TDS Telecom, Telefonica (TEF), TransCreditBank, Trend Micro (TMIC), Vasco (VDSI), VeriSign (VRSN), Websense Inc. (WBSN), Wombat Security Technologies, Yahoo! (YHOO), zvelo and ZYNGA.

Photos/Multimedia Gallery Available: http://www.businesswire.com/cgi-bin/mmg.cgi?eid=50347210&lang=en

Release Summary

The APWG reports in its Q1 2012 Phishing Activity Trends Report released this week that the number of brands targeting by phishing attacks sustained an all-time high of 382 in February and March.