Taobao.com is one of China's largest e-commerce sites, specializing in business-to-consumer and consumer-to-consumer transactions, similar to eBay and Amazon. For several years, PayPal had been the world’s most frequent phishing target, due to PayPal’s ubiquity and its popularity with consumers. In 2H2011 there were 18,508 phishing attacks against Taobao.com – 22 percent of all the phishing attacks recorded worldwide. There was also drop in attacks against PayPal.
“Attacks by Chinese phishers have exploded, as they take advantage of China’s stream of new Internet users,” said Greg Aaron of Afilias, one of the paper’s co-authors. “But the problem is not limited to China—these phishers use hosting and domain names based in the U.S. and Europe. It’s a reminder that e-crime often requires international solutions. Fortunately there is data-sharing and cooperation happening to combat the problem.”
Globally, for the first time, malicious use of subdomain registration services eclipsed the registration of regular domain names by phishers. There were 17,390 phishing attacks hosted on subdomain services in the second half of 2011, using 16,664 unique subdomains. This was a 38% increase from the 12,574 attacks we recorded in 1H2011.
“This is a clear example of phishers gravitating towards services they can readily abuse,” said Rod Rasmussen, CTO of Internet Identity and the study’s other co-author. “Use of subdomain services is a challenge because only the subdomain providers themselves can effectively mitigate these phish. While many of these services are responsive to complaints, few take proactive measures to keep criminals from abusing their services in the first place.”
Other highlights of the report include: