- Category: March 2011
The Anti-Phishing Working Group (APWG), founded in 2003, is a global industry, law enforcement, and government coalition focused on eliminating the identity theft and fraud that result from the growing problem of phishing, email spoofing, and crimeware.
In their recent report, the group states, that the online classified advertisement services sector has been increasingly exploited as a phishing attack vector by ecrime gangs. A trend confirmed by the growth of attacks abusing classified companies in the first half of 2010, which accounts for 6.6 percent of phishing attacks in Q2 2010 alone, according to the APWG’s Q2, 2010 Phishing Activity Trends Report.
While the online payment services sector remained the most targeted industry with 38 percent of detected attacks in Q2, up from 37 percent in Q1, the classified advertisement services sector exhibited the most rapid growth in phishing attacks of all sectors.
Ihab Shraim, MarkMonitor's Chief Security Officer and Trends Report contributing analyst said, “The Classifieds sector grew 142 percent from the previous quarter and over 91,000 percent from the comparable quarter [Q1] a year ago. This sudden growth may have been due to Auction sector phishing resources shifting over to the Classifieds sector."
Classified advertisement websites for person-to-person trading, job postings, personal ads and other kinds of online commerce and culture offer ecrime gangs rich contexts for casting false scenarios to trick consumers into giving up funds or financial data that can be used for fraud, or even to draft them as unwitting accomplices into their criminal enterprises such as working as money mules.
Meanwhile, the growth of detected samples of rogueware – malicious crimeware disguised as anti-virus or anti-spyware software – rose some 13 percent from quarter to quarter, up from 183,781 in Q1 to 207,322 in Q2, 2010.
Luis Corrons, PandaLabs Technical Director and APWG Trends Report contributing analyst, said that just three rogueware “families” are responsible for 72 percent of all the samples detected in this period: Adware/SecurityTool was the most frequently detected rogueware family in Q2 with 25 percent; Adware/TotalSecurity2009 was second with 24 percent; and Adware/MSAntispyware2009 was third with 21 percent of the rogueware samples detected in Q2.
Although some APWG metrics show conventional spam-based phishing attacks levelling off in the first half of 2010, field reports and statistical surveys from APWG member companies indicate that ecrime gangs are cultivating an array of alternative attack schemes: selling bogus security software to infect users PCs (rogueware); deploying website and search engine advertisements that link to malicious code or to downloader websites sites designed to infect consumers’ PCs (malvertising); crafting focused-target phishing against corporate treasurers and key personnel; deployment of advanced crimeware and social-engineering schemes crafted specifically for social networking websites and the applications that are running on them; and more.
APWG Secretary General Peter Cassidy said, “While the once-rapid expansion of conventional phishing is apparently slowing, there is every indication that ecrime gangs are expending much greater effort to design and deploy ever more undetectable, manipulative, focused and attractive schemes to defraud consumers and enterprise users. These organizations have become no less ambitious, we should note, just increasingly sophisticated and evermore deft in their criminal craftsmanship.”
The full report is available here: http://www.apwg.org/reports/apwg_report_q2_2010.pdf