The APWG believes the trend away from targeting Port 80 indicates that the number of user PCs that have been compromised for phishing attacks is growing.
The United States had the most phishing sites, with more than 32 percent of those reported. China and South Korea placed second and third, with 13 percent and 10 percent of sites reported, respectively.
Phishing attacks
There were 12,845 new, unique phishing e-mails reported to the APWG last month. And the number of phishing Web sites supporting these messages reached 2,560, up 47 percent from 1,740.
The types of attacks are also expanding, with miscreants looking beyond “Port 80” HTTP-based attacks. Port 80 is the default port for the HTTP Web protocol. In January, nearly 10 percent of phishing sites were hosted on non-Port 80 HTTP servers in an apparent attempt to evade detection.
The report also said that financial service firms continue to be a leading target. Eight of nine newly “highjacked” brands in January belonged to financial institutions.
“Phishers have been focusing on the financial sector and, within that, their attentions have been directed toward smaller institutions; even a state credit union was attacked in the last month.” APWG Secretary General Peter Cassidy in a statement.
Phishing sites come and go. The average length a site is active is 5.8 days, APWG said.
Beyond simply duping unsuspecting Web users into giving identity information, cross-scripting and trojans
“During the month of January, Websense Security Labs saw a number of attacks using cross-site scripting to redirect URLs from popular Web sites in order to better present themselves and as a means to prevent blocking,” the APWG report stated.