Summary of Global Phishing Survey 2H 2014

• In the second half of 2014 the domain names used for phishing broke a record, at least 123,972 unique attacks were observed all over the world.
• The attacks occurred on 95,321 unique domain names.
• Of the 95,321 phishing domains, APWG identified 27,253 domain names they believe were registered maliciously.
• Of the 95,321 phishing domains, 68,303 domains were almost all hacked or compromised on vulnerable web hosting.
• 75% of the malicious domain registrations were in just five TLDs: .COM, .TK, .PW, .CF and .NET
• 3,582 attacks were detected on 3,095 unique IP addresses, rather than on domain names.
• APWG counted 569 targeted institutions.
• The average uptime in the second half of 2014 was 29 hours and 51 minutes.
• The median uptime increased to 10 hours 6 minutes.
• Phishing occurred in 272 top-level domains (TLDs). 56 of them were new top level domains.
• Only 1.9% of all domain names that were used for phishing contained a brand name or variation thereof.

Other interesting trends highlighted in the Global Phishing Survey 2H2014 report are as follow:

• New companies are constantly being targeted by phishers.
• The ten companies that are targeted most often by phishers are attacked constantly, sometimes more than 1,000 per month.
• The top ten targets suffered more than 75% of all the phishing attacks observed worldwide.
• The number of domain names used for phishing reached an all-time high.
• Chinese phishers were responsible for 85% of the domain names that were registered for phishing. When attacks are divided by industry, markets involving money are the ones more targeted.

As the survey shows, phishing attacks are not going away. The best way to mitigate them is by keeping up-to-date on emerging phishing tactics and addressing them head on.