The tightening of registration policies for .CN domain names by CNNIC has seen a rapid decline in the number of phishers using .CN domain names and an increase in the use of other top level domains and services, and in particular the CO.CC sub-domain and .TK country code TLD. In a report from the Anti Phishing Working Group titled Global Phishing Survey 2H2010: Trends and Domain Name Use , the APWG found that millions of phishing URLs were reported in 2H2010, but the number of unique phishing attacks and domain names used to host them was much smaller. The .CC domain was used for 7.3 per cent of all phishing attacks in 2H2010 according to the report, the second highest proportion and vastly over-represented compared to other TLDs with six phishing domains per 100,000 domains. There are 4,030,709 .TK domain registrations. The largest TLD was .COM with 48 per cent of all attacks from domain names and 45 per cent of all domain registrations globally, and 2.1 phishing domains per 10,000. When looking at sub-domains, top of the list is co.cc with a total of 4803 attacks, a long way ahead of second place – t35.com with 642 attacks. T35.com dropped to second place due to the large increase in co.cc attacks. There were at least 67,677 phishing attacks worldwide according to the report, which was greater than the 48,244 observed in 1H2010, but significantly less than the record 126,697 observed in 2H2009 at the height of phishing on the Avalanche botnet. The attacks occurred on 42,624 unique domain names. This is a high in APWG reports going back to 2007, and the increase is due to new data about Chinese phishing. Of the 42,624 domains, 11,769 were believed to be registered maliciously, by the phishers (28%). Of those, 6,382 were registered to phish Chinese targets. The other 30,855 domains were hacked or compromised on vulnerable web hosting. Malicious registrations apparently took place in 56 TLDs. Of the phishing that was detected, it remains concentrated in certain namespaces. Sixty percent of attacks occurred in just four TLDs: .COM, .CC, .NET, and .ORG. And 89 percent of malicious domain registrations were made in four TLDs: .COM, .TK, .NET, and .INFO. Tightening of registration policies for .CN domain names was criticised for being restrictive and assisting censorship, new rules barred individuals from registering .CN domains, and required all potential registrants to present a paper application form with a copy of a company business license and a copy of the registrant’s personal identification. As a result, the number of .CN registrations fell from 13.5 million in late 2009 to just 3.4 million in March 2011. In the second half of 2009, APWG observed 2,826 phishing attacks on 228 .CN names. Through the first half of 2010, the numbers dropped to just 162 attacks on 120 domains. In 2H2010, the data shows 352 attacks on 278 .CN domains, with the increase due to CNNIC’s superior data contribution. Half of those domains were used to attack non-Chinese targets. Historically, about 80 per cent of phishing attacks have used the hacked web servers of innocent domain registrants. In contrast, the Chinese phishers prefer to register domain names and subdomains for their malicious work. In 2H2010 APWG counted 12,282 attacks on Chinese institutions, utilising 6,382 unique domain names plus a staggering 4,737 free CO.CC subdomains. Of the 6,382 domain names, just 487 looked hacked. And of the 2,429 .TK domains used for phishing in 2H2010, 2,001 were used to phish Chinese institutions. Top of the list, and top for the last 2.5 years, was .TH (Thailand) with 12.6 phishing domains per 10,000 registrations. But there were only 51,438 registrations in .TH with 65 unique domains used for phishing attacks. To download the 29 page PDF report from the Anti Phishing Working Group in full, go to: www.antiphishing.org/reports/APWG_GlobalPhishingSurvey_2H2010.pdf

An image of the Oak Ridge National Laboratory (WEB HOST INDUSTRY REVIEW) –- Tennessee-based Oak Ridge National Laboratory ( www.ornl.gov ) was hit with a spear phishing attack Friday, forcing the federal data center to cut Internet access for employees, according to a report by Wired . The federal government lab said the cybercriminals only managed to steal a “few megabytes” of information before it realized that the data was being transferred from a server. As of Tuesday, the lab could not say what the stolen data actually entailed

04|18|2011 5:14 pm EDT Phishing GoDaddy WDRP Emails Going Around Once More. by Frank Michlick in Categories: Registrars , Up to the Minute – 0 Comments It appears that another phishing scam is making the rounds trying to get users to reveal their GoDaddy username and password to the scammers. According to “silentg” who received the email and posted on DNForum about it, the email links users to “goldidaddy.com” (registered at Melbourne IT) instead of GoDaddy.com

Electronic Theft Costs Businesses More Than Physical Theft Phishing is the top information theft threat to U.S. companies, according to a Kroll survey that found physical property fall behind information thievery for the first time in its four-year history

Web Hosting News – San Francisco, CA — OpenDNS, provider of the world’s leading Internet navigation and security services that make networks safer, faster, smarter and more reliable, today announced that PhishTank.com, the free community website where anyone can submit, verify, track and share phishing data, reached the one million phishes submitted milestone.

Symantec Finds 92% Of All E-Mail Is Spam Spam is on the rise, and as of July 2010 comprises 92% of all e-mail messages, up from 89% just one year ago, according to a new Symantec study of spam and phishing trends.

Click here to RSVP to WHIR Events: Denver – Aug 26, 2010 Phoenix – Sept 23, 2010 Washington, DC – Oct 21 Five Most Recent Posts News: A Phishing Attack Happens Every 20 Seconds: eleven Report News: Benaroya to Open New Washington Data Center News: SiteGround Launches Cloud Hosting Offering Based On The Planet’s Server Cloud News: DRT Leases More Than 65K Sq.