[news release] The APWG’s new Phishing Activity Trends Report reveals that the number of phishing attacks observed by APWG members grew through 2020, fully doubling over the course of the year. Attacks peaked in October 2020, with a high of 225,304 new phishing sites appearing in that month alone, breaking all previous monthly records.
[news release] The Anti-Phishing Working Group’s (APWG) new Phishing Activity Trends Report reveals a rise in reported phishing since March of 2020. In August and September of 2020, the APWG logged 200,000 phishing sites per month — with more than 500 separate brands attacked by phishers each month in the quarter.
Do you feel that your inbox is burdened with an increasing number of phisy-looking emails, now more than ever before? Well, that’s because it actually is.
[news release] Kaspersky is revealing the web services that employees of small and medium businesses most frequently access while working are some of the most exploited by malefactors as they are used as a springboard for phishing. These services include YouTube, Facebook, Google services and WhatsApp. Further insights show that this list is not consistent with the services that employers tend to limit for use on corporate devices.
An INTERPOL assessment of the impact of COVID-19 on cybercrime has shown a significant target shift from individuals and small businesses to major corporations, governments and critical infrastructure.
A US court authorised Microsoft to take control of key domain names that were being used by cybercriminals preventing them for being used to execute cyberattacks Tuesday. These cybercriminals were taking advantage of the COVID-19 pandemic in an attempt to defraud customers in 62 countries around the world.
According to an analysis of the Netherlands’ 50 biggest brand names, the number of .nl domain names suspected of being used or intended for use in phishing has been increasing, but monitoring and intervention appears to be suppressing visible abuse such as phishing.
There have been 68,000 coronavirus-related domains registered since the beginning of the Coronavirus outbreak in January 2020 with an escalation in the number of coronavirus-related domains being registered since mid-February according to Check Point Research. In the past two weeks (since 2 April), there have been almost 17,000 new coronavirus-related domains had been registered (16,989 to be exact) with 2% found to be malicious and another 21% suspicious.
And with the pandemic now reaching almost every corner of the globe, many governments have announced economic stimulus packages, and as Check Point Research note on their recent glob post, “where there’s money, there will also be criminal activity. Hackers and threat actors want to cash in on the rush to get these vital payments and fill their own pockets at the expense of others. To do this, they are evolving the scam and phishing techniques that they have been using successfully since the start of the pandemic in January. Google recently reported that in just one week from 6 to 13 April, it saw more than 18 million daily malware and phishing emails related to Covid-19 scams – and that’s in addition to the 240 million daily spam messages it sees related to coronavirus.”
To take advantage of these stimulus packages, Check Point Research found 4,305 domains relating to new stimulus/relief packages have been registered since January with a total of 2081 new domains registered (38 malicious; 583 suspicious) in March and 473 (18 malicious, 73 suspicious) in the first week of April.
Check Point Research also observed a major increase in the week starting 16 March “during which the American government proposed the stimulus package to taxpayers. The number of new domains registered that week was 3.5 times higher compared to the average of previous weeks.”
“These scam websites use the news of the coronavirus (Covid-19) financial incentives, and fears about Coronavirus to try and trick people into using the websites or clicking on links. Users that visit these malicious domains instead of the official Government websites risk having their personal information stolen and exposed, or payment theft and fraud.”
Check Point Research has also observed a rise in “scam websites that use the news of the coronavirus (Covid-19) financial incentives, and fears about Coronavirus to try and trick people into using the websites or clicking on links. Users that visit these malicious domains instead of the official Government websites risk having their personal information stolen and exposed, or payment theft and fraud.”
For more information, or to see the Check Point Research blog post in full, go to: https://blog.checkpoint.com/2020/04/20/coronavirus-update-as-economic-stimulus-payments-start-to-flow-cyber-attackers-want-to-get-their-share-too/
Criminal activities continue to be an issue and challenge for the domain name industry, and itâs one of the main issues addressed in todayâs Q&A with Katrin Ohlmer, CEO and founder of DOTZON GmbH. Ohlmer cites it as a highlight and lowlight â a highlight because the industry is attempting to tackle domain name abuse and a lowlight with phishing, malware, botnets and pharming being threats to consumers putting the whole industry in a bad light and seemingly not interested in fixing the issue. Ohlmer also sees the growth in usage of .brand new gTLDs as another highlight while she says the whole domain industry could improve in terms of customer experience and customer-centric marketing and communications.
A new awareness has been reached within the industry that many registries and registrars are responsible and taking actions against abuse, including the âFramework to Mitigate Abuseâ. We started to communicate our efforts better to the community and will continue these efforts in 2020.
We noticed a growing use of domain names of .brands including the likes of .audi, .dvag and .mma â all with well beyond 1,000 registered domain names. We spotted quite a number of .brand domains âin the wildâ – in print advertising, on vehicles and social media ads.
The ever-present existence of phishing, malware, botnets and pharming threats to consumers puts the whole industry in a bad light seemingly not interested in fixing this issue. The industry has to improve its communication activities within the community and to all stakeholders in 2020.
In 2020, we would like ICANN to focus again on their mission âto ensure the stable and secure operation of the Internet’s unique identifier systemsâ.
GDPR brought to our industry new challenges and burdens. GDPR and its consequences are an asset for our industry that personal data are not published anymore. Even though this negatively affects the interests of the trademark industry.
DP: What are you looking forward to in 2020?
KO: Iâm really looking forward to welcoming the ICANN community to Hamburg in Autumn and showcasing the broad use of .hamburg domain names in the city. With and ICANN meeting taking place only for the second time ever, it will be a great opportunity for the local and national Internet community to meet the ICANN community.
DP: What challenges and opportunities do you see for the year ahead?
KO: As the next round of new TLDs is still ahead of us, .brands including some of our customers have the opportunity to showcase the many usage scenarios which they have already implemented and will be implemented in 2020.
The whole industry has to increase their communication efforts about DNS Abuse to demonstrate that they take abuse seriously. Further debates are likely whether registries and registrars will mitigate abuse beyond DNS like counterfeiting, but hopefully ICANN will stay within its remits.
Further consolidation will happen between registries, registrars and vertically integrated groups. We might also see further investments from equity investment companies within the industry.
Tech trends like Artificial Intelligence, Bitcoin, Internet of Things will improve our industry â whether process-wise, with new products or communication channels.
The topic how ICANN will consider in its actions the Public Interest â not only at the Board level, but also within the wider community â will be a challenge. A first step has been made with the proposal drafted by the Board, and further activities will likely happen in 2020.
DP: How have new gTLDs fared in 2019?
KO: We observed that the diversity of TLDs being actively used across the globe is slowly but constantly increasing. Therefore we expect a steady uptake over the next few years and establishing the new gTLDs as a valid alternative to former TLDs.
A number of the new gTLDs are doing very well â they are chosen by users because they have a meaning like .realestate, .consulting and .rich, some provide local and regional identity to users like .berlin, .bzh and .nyc, and some represent the brand online like .audi, .google and .edeka. The more generic TLDs are, the less differentiation and meaning they have making it harder to develop a long-term value proposition beyond the price.
DP: What progress do you see on a new round of applications for new gTLDs in 2020?
KO: We are currently finalising the last open issues within the Subsequent Procedures PDP Working Group. I expect that the substantive progress of our ongoing work will continue in 2020, leading to a final report being sent to the GNSO Council and later to the ICANN Board for approval.
DP: What one thing would you like to see addressed or changed in the domain name industry?
KO: I tend to repeat myself: I still think the whole domain industry could improve in terms of customer experience and customer-centric marketing and communications including lower barriers to set-up a website, easing the whole domain registration process, and setting up an email account.
For decades, customers were attracted by prices. This led to many registrations with no or very limited usage. Now itâs time to encourage existing customers to use the product they bought and improve processes for new customers making it easier to bring their website with their new domain online.
Previous Q&As in this series were with:
ICANN is alerting the community to a phishing scam that involves emails sent from “firstname.lastname@example.org” sent to ICANN contracted parties.
The email@example.com email address, for example, is not a valid ICANN organisation email address. Contracted parties may have recently received emails from “firstname.lastname@example.org”, which is a valid ICANN org email address. If you receive an email from the “email@example.com” address, or any other suspicious email address, do not respond. Please forward the email in its entirety to firstname.lastname@example.org.
ICANN has a resource on phishing scams at icann.org/resources/pages/phishing-2013-05-03-en.