The Anti-Phishing Working Group (APWG) is the worldwide coalition unifying the global response to cyber-crime across industry, government and law-enforcement sectors. The information in this article is a description of what is trending, according to APWG recently published Phishing Activity Trends Report for 4th Quarter 2014.

Phishing Activity Trends for 4th Quarter 2014:

  • The most targeted industry sector in the fourth quarter of 2014 was Retail/Service with Payment Services following closely behind
  • A record number of malware variants were detected, with an average of 255,000 new threats per day
  • The United States remained at the top of the list of countries hosting phishing sites; & for hosting phishing-based Trojans and downloaders over the three month period
  • 437 brands were targeted by phishers
  • There were 197,252 unique phishing reports submitted to APWG – an increase of 18% from 3rd Qtr 2014
  • Total number of phish observed was 46,824

Hardest Hit Industry Sector

Retail/Service was the highest on the hit list of phishing sites in the fourth quarter of 2014, attracting 29.37% of the targeted attacks. The second highest sector was Payment Services, who received a 25.13% slice of the pie chart.

Rise in Malware Variants

A new record was set in the fourth quarter of 2014, for the number of new malware variants. 23,500 malware samples were detected, which is an average of 255,000 new threats every day. This is the highest number recorded to-date in the history of computer security. It is important to note that the vast majority of threats are just variants on existing malware, which have been modified by their authors, to avoid detection by anti-virus software. This does, however, highlight the ever-evolving ingenuity of malware creators and the adaptability of their code. This technique is virtually cost-free for malware authors, as they often build automatic systems that carry out the modifications. Trojans are the malware of choice, making up 82.18% of the new malware strains released, with old-school computer viruses taking second place a long way off at 9.34%. At the top of the leader board are Asian and Latin American countries, while Europe has the lowest infection rates.

Ranking Country Infection Rate Ranking Country Infection Rate
1 China 47.22% 6 Argentina 41.16%
2 Taiwan 45.92% 7 Ecuador 39.47%
3 Turkey 42.33% 8 Peru 37.11%
4 Russia 41.45% 9 El Salvador 35.02%
5 Bolivia 41.38% 10 Guatemala 34.98%

Phishing Site Host Countries

The United States holds a large percentage of the world’s web sites, and again found themselves at the top of the list, in the fourth quarter 2014, for countries where phishing sites were hosted. Cyber criminals infiltrate vulnerable web hosting, to locate hosting for their phishing sites. Below is a table showing the top three countries from October to December 2014.

October November December
United States 42.69% United States 45.90% United States 52.13%
Poland 7.60% Poland 8.53% United Kingdom 3.47%
China 5.96% France 3.90% Bulgaria 3.44%

Brand Attacks

In the fourth quarter of 2014, a large number of email-based phishing attempts were seen against high-profile UK financial institutions, such as Barclays, Halifax and Santander. Dutch speaking citizens were also targeted with impersonations of financial service providers like ING and SNS Bank. Meanwhile, “Webmail and Apple-themed account verification attempts, continued to be popular methods to obtain personal information,” said Carl Leonard, Principal Security Analyst at Websense Security Labs.

Host Countries for Phishing-Based Trojans and Downloaders

The United States continued to be the top-ranking country hosting phishing-based Trojans and downloaders in the fourth quarter of 2014.

October November December
United States 67.34% United States 50.76% United States 40.56%
China 5.09% France 5.58% Czech Republic 16.01%
Netherlands 3.63% Netherlands 5.27% France 8.38%

Our SOC team (Security Operations Centre) is manned 24/7/365 to ensure we are constantly alert to the many different threats attacking our customers across the globe. At FraudWatch International, we pride ourselves on detecting these types of fraudulent attacks and ensuring our customers stay protected.

Please contact us if you would like to know more!