20 Jul 2012

Phishing Websites Skyrocket despite Major Botnet Takedowns


The first quarter of 2012 saw a significant increase of phishing websites, even though some major players in the spam-sending industry, such as Kelihos, have been taken down.

According to a report by the Anti-Phishing Working Group (APWG), the number of phishing sites in February was 56,859, an all-time high. The previous record was 56,269 phishing pages identified in August 2009.

Phishing websites are extremely dangerous because they can trick the user into disclosing private information, from log-in credentials to social networks to e-banking data. In the absence of security software with antiphishing modules, users are highly unlikely to tell the phishing site from the original. Phishing is so popular among cyber-crooks that some criminals have developed one-click phishing kits – instruments that can generate the phishing pages for nearly any bank in the world at the press of a button.

The same report states that more than 38 percent of the fake websites were impersonating financial institutions, especially payment companies. Ranking second in the top of most affected businesses is the retail industry, represented by no less than 392 distinct brands.

Most of these fake websites were hosted in the United States, followed by Canada and Egypt.