APWG logo

APWG Finds Phishing Attacks Jump By Two-Thirds In 2016 To Highest Ever Recorded

The total number of phishing attacks in 2016 was 1,220,523, a 65% increase over 2015, according to the latest Phishing Trends Report for Q4 2016 from the Anti-Phishing Working Group (APWG).

Phishing attacks have been growing rapidly. In the fourth quarter of 2004, the APWG saw 1,609 phishing attacks per month. In the fourth quarter of 2016, APWG saw an average of 92,564 phishing attacks per month, an increase of 5,753% over 12 years. Almost every year the number of phishing attacks has grown since the APWG has been monitoring the crimes.

And some of the most complicated phishing attacks have come from fraudsters in Brazil. The Brazilian attacks are using both traditional phishing and social media to defraud internet users. They are also using technical tricks to make it harder for responders to stop theses scams.

“Criminals are re-inventing themselves all the time,” said Fabio Ramos, CEO of Axur, a Brazilian company that concentrates on protecting companies and their users in Brazil. “We’ve seen a decrease in the numbers of regular phishing attacks – and an increase in other methods of fraud, such as malware fake services advertised through social media platforms.”

The phishing fraudsters are even varying their tactics depending on the time of the year. Phishers concentrated on fewer targets during the holiday season, and hit fewer lower- yielding or experimental targets.

But domain names aren’t as important these days and aren’t required to help fool victims.

The country that is most plagued by malware is China, where 47.09% of machines are infected, followed by Turkey (42.88%) and Taiwan (38.98%).

“Phishing is an attack that relies primarily on fooling people, rather than highly sophisticated technical implementations,” said APWG Senior Research Fellow and iThreat VP Greg Aaron. “For that reason, phishing remains both popular and effective. Also, the APWG’s numbers for 2106 just measure broad-based attacks against consumer brands. The numbers don’t attempt to catalog spear-phishing, which is highly targeted phishing that targets only a few specific people within a company. Truly, phishing is more pervasive and harmful than at any point in the past.”

APWG member RiskIQ examined how phishing victims are fooled by phishers – not by the address in the browser bar, but by hyperlinks (which must be hovered over to even see the destination domain), URL shorteners, which mask the destination domain, or brand names inserted elsewhere in the URL.

“A relatively low percentage of phishing websites targeting a brand attempt to spoof that brand in the domain name—whether at the second-level or in the fully-qualified domain name,” says Jonathan Matkowsky, VP for intellectual property & brand security at RiskIQ. This is evidence that phishers do not need to use deceptive domains names to fool Internet users into visiting their sites.

The full text of the report is available here: http://docs.apwg.org/reports/apwg_trends_report_q4_2016.pdf