MarkMonitor Reports Domain-Based Phishing Attacks Now Represent 73 Percent of All Phishing Scams

July 18, 2006; 06:44 AM

MarkMonitor(R), the leader in online corporate identity protection, today reported a substantial rise in domain-based phishing attacks - a technique used to make fraudulent websites look authentic. According to MarkMonitor's AntiFraud Operations Center(TM) (AFOC), domain-based phishing attacks now represent 73 percent of all attacks, up from 35 percent just 18 months ago.

The impetus behind this rapid increase is illustrated in a recent independent study by several researchers from Harvard University and University of California, Berkeley, titled "Why Phishing Works," which showed that 36 percent of participants rely primarily on the domain name, in addition to website content, to determine a site's legitimacy. It also found that participants were less suspicious of a website displaying a recognizable domain name versus a numerical IP address. The report can be found at http://www.markmonitor.com/pr/phish.

"Our study showed that the Web address is used more than any other indicator - including 'https' in the address bar, a padlock icon, or a certificate - to determine whether a website is legitimate or not," said Harvard's Rachna Dhamija, a co-author and lead researcher of the study. "Therefore, it is not surprising that phishers are manipulating the domain name as a strategy for scamming more people."

To safeguard against these attacks, MarkMonitor's Early Warning System(TM), part of its Fraud Prevention Services, alerts organizations to newly registered domain names that seek to mimic their familiar brand names before the domains become operational. This approach helps companies better protect their customers and corporate assets by taking preventive measures against phishing attacks.

MarkMonitor, an ICANN-accredited registrar, also helps organizations defensively register domain names to prevent fraudsters from using the company's brand or trademarks against them. Common defensive domain registrations include those that incorporate account or security words, common misspellings, slogans, products names, or variations that look legitimate at-a-glance.

"As with all security-related issues, the end game in thwarting phishing attacks is prevention, not just reaction," said Chris Bounds, CEO of MarkMonitor. "The increase of domain-based attacks underscores the need for clients to prevent phishing attacks from happening in the first place by monitoring and correlating suspicious domain registrations as one part of a multi-layered, preventive approach. MarkMonitor's breadth of experience in providing anti-phishing solutions makes us uniquely qualified to help clients manage this increasing threat."

MarkMonitor (www.markmonitor.com) is the global leader in delivering comprehensive online corporate identity protection services, Making the Internet Safe for Business(TM). MarkMonitor's integrated Brand and Fraud Protection(TM) platform provides full life-cycle management, including its Early Warning System(TM), as well as real-time detection, and investigation and response, to a wide and growing list of identity-based online security problems faced by corporations today.

MarkMonitor Erick Mott, 415-278-8412 [email protected] or Weber Shandwick for MarkMonitor Eric Sokolsky, 212-445-8081 [email protected]