News - CIOInsight

Home

News

Cyber-Criminals Launch Phishing Attacks Using Free Domain Services

Stop Searching.
Start Finding.

IT Management Solutions »

CIO STRATEGY

The Perfect IT Book for the Business?

Parkinson needs a book that explains IT to the business. Got any suggestions?

News

Cyber-Criminals Launch Phishing Attacks Using Free Domain Services

By CIOinsight
2011-04-27
Article Views: 2416
Article Rating:

/ 1

Phishing gangs are making use of free sub-domain servers to launch their attacks, a new research report finds.

Rate This Article:

Add This Article To:

Digg this

Del.icio.us

Slashdot

Y! My Web

E-mail

Furl

Google

Simpy

Spurl!

PDF Version

Scammers have shifted tactics to use free domain services to launch phishing attacks, according to a research report.

A significant number of phishing attacks in the second half of 2010 originated from Tokelau’s .TK domain and Korea’s .CO.CC sub-domain, according to the latest survey released by the Anti-Phishing Working Group on April 27. The report examined all phishing attacks from July 1 to Dec. 31 collected by the Anti-Phishing Working Group and supplemented from multiple private sources.

By offering free domain names, .tk has become the third largest country-code top-level-domain after Germany’s .DE and Great Britain’s .uk. Scammers are snapping up the free .TK domains in droves.

While there were phishing domains registered across 183 top-level-domains, 89 percent were concentrated in just four, including .com, .tk, .net and .info. Tokelau is a group of three tropical atolls in the South Pacific Ocean with a population of 1,400 people that is a territory of New Zealand.

Phishing attacks occurred on 42,624 unique domain names and 2,318 unique IP addresses in the second half of 2010, the report found. To put it in context, there were 205.6 million domain names in October, according to Verisign. Since the researchers defined an attack as a phishing site that targeted a specific brand or entity, one domain name could host several discrete attacks against different banks.

Of the phishing domains, about 28 percent were registered specifically for malicious purposes, the researchers found. Nearly half of those malicious domains were registered specifically to phish Chinese targets. The remaining phishing domains were legitimate domains that have been compromised.

“Every .tk domain used for phishing was maliciously registered,” the researchers wrote.

Recent reports from major security firms, including Symantec, have noted that a significant amount of malware attacks originated from China. This is apparently not a one-way street, as attackers are also “aggressively” targeting Chinese e-commerce sites and banks as well, the APWG report found.

For more, read the eWEEK article: Cyber-Criminals Register Free Domains and Sub-Domains for Phishing Attacks.

test



	>>> More News Articles >>> More By CIOinsight

Email Article To Friend ♦ Print Version Of Article ♦ PDF Version Of Article

FEATURED SPONSORED VIDEOS

Security and Availability Essentials for Running Your Business in the Cloud

Cyber Security Trends and Challenges for 2012

IPv6 Integration and Migration

View More Videos

Brought to You By

FEATURED SPONSORED ARTICLES

Erasable E-Paper Saves Trees, Cuts Costs

Why Smart Companies Should Adopt the Lessons of Gaming

Interest in Mobile WiFi Hotspots Fuels New Solutions

A Closer Look at Public Cloud Security

View More Articles

Brought to You By

Related Content

EDITORS' PICKS

8 Dirty Little Tech Secrets

What Would You Sacrifice For A New Smartphone?

Android, iOS More Popular in the Enterprise Than BlackBerry

The CIO Insight 2011 Fall Reading List

We're Going All-In With Apple: Now What?

	LATEST STORIES
	- IT Careers: Departures Mark Exec Shuffles at... - Microsoft Office on iPads, Android Tablets C... - Quest Software Acquisition Would Bolster Del... - N.J. Mayor, Son Arrested for Computer Hackin... - Why HP's Next Leader Should Come from Within...

FEEDBACK

Send your thoughts about CIO Insight, its Web site, and any individual articles to editors@cioinsight-ziffdavisenterprise.com

	Ziff Davis Enterprise RSS Feeds
	Get CIO Insight news delivered to your desktop with RSS.


		Try Windows Azure free for 90 days Introducing the world's first family of systems with integrated expertise FREE Securing Smartphones & Tablets for Dummies Book from Sophos 77% of the Fortune 500 Manage Content Securely with Box. Leverage your virtual computing environment with Dell. Build an IT Infrastructure That Delivers the Future 5 New Technologies That Will Change Enterprise IT

CIO Insight:	Issue Index \| Contact Us \| About \| Advertise \| Magazine Customer Service \| Site Map
Quick Links:	Enterprise Mobility Zone \| Management Case Studies \| Loyalty Programs \| Term Sheet \| Strategy Maps \| Organizational Behavior \| Net Present Value Calculator \| Link to Us
	Security: Network Security Entprise Networking Infrastructure Security How To: Data IT Security News Cheap Hack Blog Security Watch Blog Storage: Storage Cloud Storage Storage Virtualization Network Access Storage Storage Reviews Data Storage News How To: Storage Storage Station Blog Computing: Apple OSX Linux Systems Windows Vista Managed Print Services Cloud Computing PC Reviews Microsoft Watch Blog Apple Watch Blog Google Watch Blog Communications: VoIP Solutions Wireless Technology Messaging Software Web Services Mobile Applications Wireless News Mobile Reviews Apps & Development: Application Development SAAS Search Engines Database Software Web 2.0 IT Project Management Emerging Tech Blog CIO Insight Blogs CIOs
	Vertical Markets: Federal Government IT Health Care IT Finance IT Mid-Market Channel Partners Careers Blog Value Added Resellers More eWeek Links: Green Computing Tech Knowledge Center Tech Newsletters Tech RSS Feeds White Papers Tech Podcasts Tech Videos Magazine Subscriptions Enterprise Websites: ZDE Home eWeek Baseline Channel Insider CIO Insight eSeminars eWeek Mid-Market Publish Online Web Buyers Guide Developer Websites: Dev Shed DeveloperShed ASP Free MS DevSource SEO Chat Codewalkers Tutorialized Scripts.com Dev Mechanic Dev Articles Web Hosters Dev Hardware Technology Websites: Device Forge Desktop Linux Linux Devices Windows for Devices TechDirect iGrep Search Engine PDF Zone Linux Watch
	Use of this site is governed by our Terms of Use and Privacy Policy Copyright ©1996-2012 Ziff Davis Enterprise Holdings Inc. All Rights Reserved. eWEEK and Spencer F. Katt are trademarks of Ziff Davis Enterprise Holdings, Inc. Reproduction in whole or in part in any form or medium without express written permission of Ziff Davis Enterprise Inc. is prohibited. eWeek is your best source for the latest Technology News. ZDE Cluster 10.

Stop Searching. Start Finding.

Cyber-Criminals Launch Phishing Attacks Using Free Domain Services

Phishing gangs are making use of free sub-domain servers to launch their attacks, a new research report finds.

test

Related Content

Stop Searching.
Start Finding.