Phishing activities targeting Chinese sites on rise

Phishing attacks targeted at Chinese e-commerce and banking Web sites rose in the first half of 2011, with a majority of the domain names created by local cybercriminals eyeing local brands and enterprises.

According to a survey released by the APWG (Anti-Phishing Working Group), attacks on Chinese sites totaled 17,693 in the first half of 2011, with cybercriminals using 11,192 unique domain names and 3,629 co.cc subdomains. Compared to the second half of 2010, the numbers of attacks increased 44 percent from 12,282, where phishers used 6,382 unique domain names and 4,737 co.cc subdomains.

"The majority of Chinese phishing appears to be perpetrated by Chinese criminals attacking Chinese companies, with 88 percent of such attacks targeting a single service, Taobao.com," said Greg Aaron, a co-author of the report for Afilias. "With .CN domains difficult for criminals to obtain these days, these phishers had a major impact on other TLDs (top-level domains, where domains and subdomains are often easier and cheaper to obtain."

While Chinese phishers targeted at least 26 Chinese organizations including banks, securities firms and state television broadcaster CCTV, the majority of attacks had their eye on Taobao.com. The Chinese e-commerce site received 15,554 attacks and was the world's second-most popular phishing target after online payment company, PayPal, said APWG.

Worldwide, at least 112,472 unique phishing attacks were from the 200 top-level domains (TLDs), a "far greater" number compared with the 42,624 attacks recorded in the second half of 2010. However, the number remained low compared to 126,697 found in the second half of 2009, which APWG noted to be "the height of the phishing onslaught being propelled by the Avalanche botnet".