Researchers at Websense found that 38.5 percent of the phishing attacks they discovered were conducted on Friday, with Monday (30 percent) and Sunday (10.9 percent) coming in at second and third, respectively.
The U.S.A. is the leader as far as countries hosting the most phishing domains between Sept. 30, 2011, and Oct. 1, 2012.
The bulk of these broad phishing aggression share a link to a fake web landing pages to steal the log in credentials of users. Where are these phishing sites hosted? Our research indicates that a large percentage of these sites is hosted in the United States.
This does not mean that the absolute majority of phishing criminals are in the U.S. It’s more probable a representation of available bandwidth, infrastructure, number of servers and ease of domain registration.
Top 10 countries hosting phishing domains: *Based on September 30, 2011-October 1, 2012 research – http://community.websense.com
- United States
- United Kingdom
- Russian Federation
According to Websense, all but one of the top five phishing email subject lines are related to security.
Between July and September, the most common subject line used by phishers was “Your account has been accessed by a third party,” the firm said.
Top five phishing email subject lines: *Based on July – September 2012 research – http://community.websense.com
- Your account has been accessed by a third party
- (Bank Name) Internet Banking Customer Service Message
- Security Measures
- Verify your activity
- Account security Notification
“How many times have you been browsing a web page and you get a pop up warning you that your computer is compromised? Most of us now know that these popups are the result of a fake AV scam and many of us have been conditioned not to click on these,” Runald blogged. “However, if you receive a security alert email that looks like it comes from an organization you have a relationship with, such as a bank, or a social network you are a member of, it may increase your likelihood to click.”