US tops phishing league

When it comes to hosting fraudsters' Web sites, America is the runaway leader, hosting two-and-a-half times as many as any other country
Written by Dan Ilett, Contributor

The United States hosts more online scamming and identity theft Web sites than any other country, a leading security think tank has found.

According to an Anti-Phishing Working Group (APWG) report on January's phishing activity, 32 percent of scammers' Web sites were hosted in the United States. China was found to be in second place, hosting 13 percent, with Korea and Japan in third and fourth places with 10 percent and 3.1 percent respectively.

These sites are typically hosted on the computers of unsuspecting users, which have been compromised by hackers working in league with the criminals running these phishing attacks.

"There is an incorrect assumption that scammers put up their machines in the Far East or China," said Dave Bruswick, technical director for Tumbleweed, one of the companies behind the APWG. "The spread [of Web sites] seems to be where more machine are online in the first place".

The number of active phishing sites reported in January was 2,560 -- a figure that has jumped by 47 percent since December, when 1,740 were found, and more than double the 1,186 reported in October.

Sixty-four online brands were hijacked last month, and sites were accessible for an average of 5.8 days before they were shut down.

The report also warned of a rise in Web sites that are not accessed through the default port for HTTP, port 80. This could help the sites evade being detected by a poorly set-up firewall which allows unchecked access through other networking ports.

"The rise in non-port-80 hosted sites and the number of sites which are hosting phishing attacks continues to lead us to believe that the number of machines that are compromised and are being used to host these attacks is growing," said the report.

Brunswick added to this, saying: "It tells us that one of the key points about phishing is that it's not about banks and vendors trying to stop this, it's about everyone who owns a Web-connected PC."

Members of the APWG found that more scammers are using malware containing keystroke loggers to steal passwords, and said that Instant messaging worms were also emerging as a danger.

Editorial standards