Fraudsters catch on to the Net's 'long tail'

The Internet's so-called 'long tail' effect is beginning to apply in the world of cybercrime with online scammers no longer targeting just the best-known brands
Written by Matthew Broersma, Contributor

The number of brands exploited by online con artists grew to a record 154 in July, according to a report from online fraud specialist the Anti-Phishing Working Group (APWG).

The study, released on Monday, showed that the number of brands under attack from phishing was up 20 percent from June and 12 percent from the previous record in May, indicating that scammers are no longer content to exploit only the best-known brands.

The top 80 percent of scams were concentrated on 15 brands, according to the report, but the large number of brands targeted by the remaining 20 percent shows that the Internet's so-called "long tail" effect is beginning to apply in the world of cybercrime.

"In a year, the number of brands has more than doubled, illustrating that online criminals are simply not settling for the large, popular organisations and financial institutions," said Dan Hubbard, vice president of security research for Websense, in a statement. "The increase in the complexity of attacks goes hand in hand with the massive growth in phishing Web sites and the targeted, broad selection of brands that has followed."

Websense is one of the APWG's more than 1,500 corporate members, and it carried out the research. Only 71 brands were targeted a year ago, according to the APWG.

Even as phishers widen their nets, they are getting ever more focused on targeting financial services, which grew to 93.5 percent of all targets in July.

The report showed a drop in the number of unique reported phishing campaigns from 28,571 to 23,670, but the number of reported phishing sites rose steeply to 14,191, 18 percent higher than the previous peak.

The US was top of the list of those hosting phishing sites, hosting 29.85 percent, followed by the Republic of Korea with 13.34 percent, China with 12 percent, France with 5.87 percent and Australia with 4.56 percent.

Attacks are getting more sophisticated, the group found, noting a site capable of placing a Trojan onto a system without user interaction. The Trojan involved, Web Attacker, is a Russian do-it-yourself toolkit sold for anywhere from $20 to $300.

The survey found a large increase in traffic redirectors, and DNS redirectors in particular. These modify a system's DNS settings to direct some or all DNS lookups to a fraudulent DNS server capable of directing users to fraudulent sites when particular addresses are entered.

Security and operating system vendors have begun taking the phishing threat seriously, and a number of anti-fraud tools are available. These include anti-phishing toolbars from Netcraft and Microsoft; Microsoft's technology will be built into Internet Explorer 7 and Windows Vista.

Editorial standards