Symantec Global internet Security threat report
the growth of the online retail sector has been considerable over the last several years and this is one sector seemingly unaffected by the global recession; for example, one survey found that, in 2009, shoppers were spending 94 percent more per order online and that, in the United States, online retail sales increased over 14 percent from 2008.182 phishers are capitalizing on the fact that online retailers regularly require the input of financial information that, if obtained by the phishers, can be sold or used for fraudulent financial gain. if phishing attempts to acquire usernames, passwords, and credit card information prove successful, then the resultant information can be used on legitimate websites to purchase goods using the stolen credit card information.
Despite the fact that it offers promise for potential gain, it would appear that phishers did not target the retail sector in 2009 as much as in previous years. Even though the number of unique phished brands increased by 36 percent, the number of phishing UrLs targeting those brands decreased by almost 20 percent when compared to 2008 data. this suggests that it is probably easier and more lucrative for an attacker to buy a credit card number on the underground economy or obtain credit card details via an online banking scam, rather than taking the time to phish a retail account. For example, stolen credit can be easily laundered online, such as through online gambling sites where a number of “players” could populate an entire poker game and arrange to lose money to one another, which is easier than having to fence products procured from phished retail accounts that could be easily traced. this is another possible explanation for the significant increase in the number of UrLs targeting the financial sector and the reduction in the number of UrLs targeting the retail sector in 2009. Symantec predicts that this trend will continue through 2010.
Countries hosting phishing URLs and top targeted sectors
this metric will assess the countries in which the most phishing UrLs were hosted in 2009. this data is a snapshot in time and does not offer insight into changes in the locations of certain phishing sites over the course of the reporting period. it should also be noted that the fact that a phishing UrL is hosted in a certain country does not necessarily mean that the attacker is located in that country.
in 2009, 36 percent of all phishing UrLs detected by Symantec were located in the United States (table 20). this is considerably less than 2008 and 2007, when 43 percent and 69 percent of phishing UrLs originated there, respectively. this declining trend was discussed in the previous version of the Symantec Global Internet Security Threat Report, which suggested that the threat landscape was shifting from the United States to emerging countries with rapidly expanding broadband infrastructures.183
Of the phishing UrLs situated in the United States, 70 percent of phished brands were associated with financial services. this is in keeping with the global trend, in which 74 percent of phishing UrLs detected across the internet as a whole were associated with the financial services sector. this is in keeping with the global trend, since 74 percent of phishing UrLs detected across the internet as a whole were associated with financial service organizations. this trend of targeting the financial sector is reflected in the top 10 countries hosting phishing UrLs in 2009. As previously discussed in “Phishing activity by sector,” the financial sector offers the best chance of lucrative financial reward for phishers.
http://www.coremetrics.com/company/2009/pr12-21-09-online_retail_sales.php h t t p : / / e v a l . s y m a n t e c . c o m / m k t g i n f o / e n t e r p r i s e / w h i t e _ p a p e r s / b - w h i t e p a p e r _ e x e c _ s u m m a r y _ i n t e r n e t _ s e c u r i t y _ t h r e a t _ r e p o r t _ x i v _ 0 4 - 2 0 0 9 . e n - u s . p d f : p . 8