Monday, November 18, 2019
Home / Security / Websense Finds Phishing peaks on Fridays

Websense Finds Phishing peaks on Fridays

Researchers at Websense found that 38.5 percent of the phishing attacks they discovered were conducted on Friday, with Monday (30 percent) and Sunday (10.9 percent) coming in at second and third, respectively.

The U.S.A. is the leader as far as countries hosting the most phishing domains between Sept. 30, 2011, and Oct. 1, 2012.

The bulk of these broad phishing aggression share a link to a fake web landing pages to steal the log in credentials of users.  Where are these phishing sites hosted? Our research indicates that a large percentage of these sites is hosted in the United States.

This does not mean that the absolute majority of phishing criminals are in the U.S. It’s more probable a representation of available bandwidth, infrastructure, number of servers and ease of domain registration.

Top 10 countries hosting phishing domains: *Based on September 30, 2011-October 1, 2012 research –

  1. United States
  2. Canada
  3. Bahamas
  4. Egypt
  5. Germany
  6. United Kingdom
  7. Netherlands
  8. France
  9. Brazil
  10. Russian Federation

According to Websense, all but one of the top five phishing email subject lines are related to security.

Between July and September, the most common subject line used by phishers was “Your account has been accessed by a third party,” the firm said.

Top five phishing email subject lines: *Based on July – September 2012 research –

  1. Your account has been accessed by a third party
  2. (Bank Name) Internet Banking Customer Service Message
  3. Security Measures
  4. Verify your activity
  5. Account security Notification

“How many times have you been browsing a web page and you get a pop up warning you that your computer is compromised? Most of us now know that these popups are the result of a fake AV scam and many of us have been conditioned not to click on these,” Runald blogged. “However, if you receive a security alert email that looks like it comes from an organization you have a relationship with, such as a bank, or a social network you are a member of, it may increase your likelihood to click.”

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

Amazon hacked – hacker leaks 80,000 login credentials

A hacker going by the name 0x2Taylor has said to have breached the servers of …