The number of worldwide phishing attacks continues to grow, having reached an all-time high of 255,065 unique attacks in 2016, according to the Anti-Phishing Working Group’s (APWG) annual report, “Global Phishing Survey: Trends and Domain Name Use in 2016,” published this summer.
Why is this important to IP professionals? For those that manage domain portfolios or monitor domain registrations, this is an important issue to understand because you have a role to play in defending your company or your clients from these attacks.
This wasn’t always the case. Over the past 10 years that the APWG has been publishing these reports, most phishing attacks have originated from compromised Web sites that had been hacked and used to execute these campaigns. However, the most recent data show that we’re experiencing an important new trend: the use of malicious domain registrations to conduct phishing attacks is growing rapidly. As recently as 2012, phishing attacks from maliciously registered domain names comprised less than 9% of all phishing attacks worldwide. In 2016, nearly half of all phishing attacks originated from malicious registrations.