APWG REPORT: Phishing Attacks Increase 20 Percent in Q3 2013 as Crimeware Evolves to Evade Detection
February 2014 by APWG
The APWG reports in its new Q3 2013 Phishing Activity Trends Report that the number of phishing campaigns increased by more than 20 percent in the third quarter of 2013, with crimeware attacks evolving and proliferating, according to several established APWG metrics. The total number of unique phishing websites observed rose to 143,353 in Q3, up from Q2’s 119,101. The increase is generally attributable to rising numbers of attacks against money-transfer and retail/e-commerce websites.
During the same period, there was an 8 percent decline in the number of brands targeted by phishers, as the number of brands targeted fell from an all-time high of 441 in April 2013 to 379 in September 2013. Ihab Shraim, CISO and Vice President Anti-Fraud Engineering and Operations, MarkMonitor and Trends Report contributing analyst said, "Fraudsters look for profit and zoomed in on the brands that deliver the highest returns."
Attack vectors continued to evolve, placing social media at forefront of crimeware’s vanguard in the quarter. “In the 3rd quarter of 2013, we also saw a change in the phishing themes used by malware authors. An emphasis on social media-themed subjects, such as ‘Invitation to connect on LinkedIn’, was used to entice users who would be used to seeing such subjects,” said APWG contributor Carl Leonard of Websense Security Labs.
APWG member PandaLabs cataloged nearly 10 million new crimeware samples from July to September, and PandaLabs observed that the number of new malware samples in circulation in the first nine months of 2013 was larger than the total for all of 2012. More than 59 percent of computers in China appeared to be infected with malware or spyware, a record high for any country.