Symantec's Latest 'State of Spam & Phishing' Report

Report #51 from Symantec, the "State of Spam & Phishing" for March 2011 is out. From the phishing side, the news is grim but not unexpected. Phishing is up 38.56% for the month, thanks mostly to automated toolkits (Zeus, Zbot, and so forth) and unique domains, where the increase for automated toolkits was up just over 50% and unique URLs were up nearly 34%. Phishing websites that used IP domain names, however, were down by over 47%  (such as http://255.255.255.255, which is invalid BTW — it's Symantec's example, not ours). Webhosting services jumped to 13% of all phishing, which represents a jump of nearly 39 percent from the preceding month. The biggest boost occurred for non-English-language phishing sites, which jumped by a whopping 76-plus% for February, 2011, with Portuguese and Spanish in the forefront of that rise.



What do all these numbers tell us? Phishing, alas, remains alive and well, and it's no comfort at all that attacks are switching from blantant IP-domain addressing (using numeric IP addresses instead of symbolic domain names) to other techniques. That only means that phishing is growing more sophisticated, and probably enjoying higher success rates. As the following graphic illustrates (click the thumbnail, to see a full-size image, please), the US still leads the pack for phishing lure placement which ones again demonstrates that crooks like to "follow the money" to where the action is.



Be sure to check out the full report, for more interesting graphics, statistics, and analysis.



Stu Sjouwerman



KnowBe4