Chat III: Phishing Reports Received by APWG from January, 2006 to January 2007
Source: Anti-Phishing Working Group (APWG)
The count of phishing reports as reported by
APWG is very alarming owing to the fact that companies that are victimized by phishing may not report these instances to law enforcement. Unlike some other types of Internet-based crime, such as hacking, that may be conducted surreptitiously, phishing, by its nature, involves public misuse of legitimate companies’ and agencies’ names and logos. Nonetheless, some companies may be reluctant to report all such instances of phishing to law enforcement - in part because they are concerned that if the true volume of such phishing attacks were made known to the public, their customers or accountholders would mistrust the companies or they would be placed at a competitive disadvantage. Though the number of unique phishing websites detected by APWG has decreased in December,
2006 and January 2007, yet the total average number of such websites in year 2006 has increased significantly in comparison to that in the year 2005.
Chat IV illustrates the growth of new phishing websites from January 2006 to January 2007.
Banday, M.T., Qadri, J.A. (2007). “Phishing - A Growing Threat to E-Commerce,”
The Business Review, ISSN: 0972-8384, 12(2), pp. 76-83.
Chat IV: New Phishing websites detected by APWG from January, 2006 to January 2007
Source: Anti-Phishing Working Group (APWG)
Most IT decision makers at Small and Medium
Businesses are aware of phishing through consumer scams but many do not believe that phishing poses a threat to organizations that are neither in financial services sector nor in the public eye. Phishing technologies have become so advanced that no one is immune to the possibilities of being scammed if they are searching for goods and services on the web and intend to pay by credit card (Dan
Ferguson, 2006).
Chat V: Ports used by Phishers
Source: Anti-Phishing Working Group (APWG)
Software processes running in computers need software ports to connect with other software processes. Inter Process Communication (IPC) takes place between these ports. Each process must be distinguished from other process and this is done with port numbers. Ports are numbered form 0 to
65536 with the most popular application and protocols such as FTP, SMTP, SNMP, HTTP, etc. are pre-assigned to “Well Known” ports. When a web browser contacts a web server it directs its message to port 80, “Well Known Port for HTTP services”. APWG report for January, 2007 indicated that a continuing trend of HTTP port 80 being the most used port for all phishing sites that have been reported (Chat V).
Chat VI shows the number of brands hijacked, number of unique password stealing malicious code applications and number of password stealing malicious URLs from January 2006 to January
2007. Though hijacked brands remained steady throughout these months yet numerous nontraditional websites such as social networking portals and gambling sites were hijacked.
Banday, M.T., Qadri, J.A. (2007). “Phishing - A Growing Threat to E-Commerce,”
The Business Review, ISSN: 0972-8384, 12(2), pp. 76-83.
50
100
150
200
250
300
350
400
Jan, 06 Feb, 06 Mar, 06 Apr, 06 May, 06 Jun, 06 Jul, 06 Aug, 06 Sep, 06 Oct, 06 Nov, 06 Dec, 06 Jan, 07
500
1000
1500
2000
2500
3000
3500
Password Stealing Malcious Code URLs (PSMC URLs)
Hijacked Brands PSMC UA PSMC URL's
Chat VI: Hijacked Brands, Password Stealing Malicious Code Applications and URLs
Source Data: Anti-Phishing Working Group (APWG)
Chat VI also shows the number of phishing based
Trojans as reported by APWG in form of malicious code applications and URLs that monitor specific actions for identity thefts.
Without paying careful attention to all suspicious emails and carefully checking the validity of all websites requiring entry of confidential information, employees of any size of company