A new survey unveiled some current strategies and tactics
that phishers have been employing in response to the anti-phishing efforts put to
cope with this world problem. The subdomain services, some spoofing techniques,
and systematic exploitation of vulnerable registrars and registries are amongst
the latest maneuvers utilized by phishers.
Phishing is an attempt to criminally and fraudulently
acquire personal information, such as usernames, passwords and credit card
details, by concealing behind a trustworthy entity in an electronic
communication. Common targets of phishing are PayPal, eBay, and online banking.
researchers Greg Aaron of Afilias and Rod Rasmussen of Internet Identity who conducted the “Global phishing survey:
Domain Name Use and Trends in 2007” reported that over 10,773
malicious domains were registered in 2007, from them 10,515
had their phishes hidden on subdomains or in subdirectories. This counterfeit
websites were designed with the only purpose to lure users and obtain their
personal financial information.
Subdomain hosting services, especially those of them which
are free of charge were mostly used for phishing sites because they are largely
automated and operate with limited staffing. That makes it difficult a phishing
site to be reached and removed from the Internet. These subdomains represent at
least 18% of all domains involved in phishing which undoubtedly is a
Another common tactic used is phishing pages to be placed on
compromised computers. According to the researchers, this practice is
apparently effective because
suspending a malicious domain name or hosting account also disabled the
resolution of the legitimate user’s site.
The vast majority of domain names used for phishing do not
contain a brand name. Instead, phishers often embedded a relevant brand name in
the URL. This trend got accelerated in the course of 2007 and while it was 25 %
early in the year, by the end of December it reached over 42.1% (according to
the APWG’s monthly reports). For instance such malicious URL is: http://www.bankname.com.447956.33njm34webnyq2.net/cmd-confirm/login.php
Phishers’ preferences towards a particular registrar are
based on some important points: the policies of the different TLD registries,
the services and TLDs offered by its registrars, and the anti-abuse practices
of the registrars and the registry operator. Therefore, domain registry and
domain registrars could play a vital role in the fight against phishing by undertaking
immediate actions to additionally secure their domain space.
in all, there is an obvious necessity of better anti-abuse measures which will
significantly facilitate the combat with the increasing global phishing problem.
Phirshers are very flexible and quite easily adapt new approaches. That makes
the battle even more complicated. Anyway, the better understanding of why and
how phishers register domain names for their own malicious use will lead to
improvements in anti-abuse measures.
Request Reprint Permission
Copyright © 2018 DevStart, Inc. Permission is required to use the material on this page.