Phishing-based attacks are on the rise. According to a recent study from the Interisle Consulting Group, phishing attacks increased by almost 70% during the period from May 1, 2020, to April 30, 2021. The attacks targeted 1,804 businesses or organizations.
The study, which found almost 700,000 unique attacks, was based on analyzing nearly 1.5 million phishing reports compiled by four widely used and respected threat intelligence providers. The study determined that most of these attacks were concentrated at a small number of domain registrars, registries, and hosting providers.
Sixty-nine percent of domains associated with phishing were registered through just ten registrars. In some TLDs, 90% of the malicious domains were registered through a single registrar. Ten hosting providers accounted for 41% of all phishing attacks.
The study also found that phishing attacks were disproportionately represented in new gTLDs (nTLDs). In June 2020, nTLDs held a 9% market share globally but accounted for 18% of domains used for phishing attacks. This percentage increased to 21% during Interisle’s yearly reporting period even as market share for nTLDs decreased to 6%.
Phishers targeted 1,804 businesses or organizations during the study period. However, ten brands represented 46% of all reported phishing attacks during this time. The study also found that 65% of domains associated with phishing attacks were intentionally registered for that purpose.
When it comes to responding to a phishing attack, time is of the essence. Fraudulent domains are often registered and discarded at lightning speed. Fifty-seven percent of domains reported for phishing were used within two weeks of initial registration, with more than half used within the first 48 hours.
These statistics underscore the crucial role that registrars and registries can play in blunting the effects of phishing attacks. Solutions include proactively identifying bad-faith domain registrations and shutting them down before a malicious attack is launched, and/or using Terms of Service to suspend domains for malicious activity.
Until then, it’s essential to keep your brand and your consumers safe online by aggressively monitoring new domain registrations for the unauthorized use of your intellectual property. Consider partnering with your colleagues in cybersecurity or Trust & Safety teams to map out a consolidated strategy. Combining an aggressive brand protection program with a proactive anti-phishing program will deliver the best results.
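As an added illustration (not code from the Interisle study), here is one way a brand team could triage a feed of newly registered domains, ranking look-alikes by how recently they were registered. The brand name, the feed entries, the look-alike substitutions and the one-edit threshold are all assumptions made for this example.

```python
from datetime import datetime, timedelta, timezone

# Fold common look-alike characters back to the letter they imitate; drop hyphens.
LOOKALIKES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "-": None})
ORDER = {"urgent": 0, "high": 1, "review": 2}

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def brand_hit(domain, brands):
    """Return the brand a domain appears to imitate, or None."""
    for label in domain.lower().rstrip(".").split(".")[:-1]:  # every label but the TLD
        folded = label.translate(LOOKALIKES)
        for brand in brands:
            if brand in folded or edit_distance(folded, brand) <= 1:
                return brand
    return None

def triage(feed, brands, owned, now):
    """feed: (domain, registered_at) pairs. Returns (priority, domain, brand), most urgent first."""
    hits = []
    for domain, registered_at in feed:
        brand = None if domain in owned else brand_hit(domain, brands)
        if brand is None:
            continue
        age = now - registered_at
        # Windows follow the study's figures on how soon phishing domains are used.
        priority = ("urgent" if age <= timedelta(hours=48)
                    else "high" if age <= timedelta(days=14) else "review")
        hits.append((priority, domain, brand))
    return sorted(hits, key=lambda h: ORDER[h[0]])

# Constructed sample data: "examplebank" is a hypothetical brand, the feed is invented.
NOW = datetime(2021, 5, 1, 12, 0, tzinfo=timezone.utc)
FEED = [
    ("examplebank.com", NOW - timedelta(days=3000)),           # the brand's own domain
    ("secure-examplebank.support", NOW - timedelta(days=40)),  # brand embedded in a longer label
    ("examplbank.top", NOW - timedelta(days=5)),               # one character dropped
    ("examp1ebank-login.xyz", NOW - timedelta(hours=6)),       # digit 1 standing in for l
    ("gardening-tips.org", NOW - timedelta(days=1)),           # unrelated registration
]

if __name__ == "__main__":
    for row in triage(FEED, ["examplebank"], {"examplebank.com"}, NOW):
        print(*row)
```

Short brand names produce many false matches with a one-edit threshold, so a real deployment would tune the threshold per brand and keep the list of owned domains current.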