[APRALO-Policy] Phishing report
Maureen Hilyard
maureen.hilyard at gmail.com
Sat Oct 2 16:09:23 UTC 2021
Hi everyone
FYI - A new report is out about Phishing (attacks that steal user data) :
https://interisle.net/PhishingLandscape2021.html
Some key takeaways from the report:
- *Most phishing is concentrated at small numbers of domain registrars,
domain registries, and hosting providers.* 69% of the domains used for
phishing were registered in 10 Top-level Domains and 69% were registered
through just 10 registrars.
- *Phishing attacks are disproportionately concentrated in new gTLDs
(nTLDs).* While the new TLDs' market share decreased during our yearly
reporting period, phishing among the new TLDs has increased.
- *Phishing domain registrations in some TLDs are overwhelmingly
dominated by a small number of registrars.* In some cases, 90% or more
of the malicious domains in a TLD were registered through one gTLD
registrar.
- *41% of all phishing attacks occurred at just ten hosting providers.* We
identified 4,110 hosting networks (ASNs) where phishing web sites were
reported. 28% of all phishing attacks occurred on just four hosting
networks.
- *Phishers targeted 1,804 businesses or organizations during the 1 May
2020 to 30 April 2021 period.* The top 10 brands targeted over the
course of our annual period account for 46% of the reported phishing
attacks.
- *When phishers register domains, they tend to use them quickly.* 57%
of domains reported for phishing were used within 14 days following
registration and more than half of those were used within 48 hours.
Maureen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mm.icann.org/pipermail/apralo-policy/attachments/20211002/0cdec9ac/attachment.html>
More information about the Apralo-policy
mailing list