A recent ebb in domain names reported for phishing created some euphoria in the domain industry.
With phishing activity, as with tides, ebbs are invariably followed by flows.
In their August- October 2022 Quarterly Phishing Activity, the Cybercrime Information Center observed a 40% quarter over quarter increase in phishing attacks, which is a measure of phishing sites that target a specific brand or entity. (Note: if multiple phishing reports refer to the same phishing activity, the Center collapses duplicates to yield phishing attacks.)
The Center reported a nearly 20% quarter over quarter increase in unique domain names reported for phishing. This is a measure of a resource that phishers aquire for phishing attacks and not the same measure as phishing attack.
The increase in unique domain names reported for phishing follows a short period where phishers appeared to use fewer domain names. This is illustrated by the green trendline in the figure.
In the August-October 2022 time period, the number of unique domains reported trends up.
The number of phishing attacks reported has increased dramatically, from 405,000 attacks in the May-June 2022 period to nearly 570,000 attacks in the August-October period. This is illustrated by the orange trendline in the figure.
The majority of domain names reported for phishing continue to be registered by phishers, for phishing (malicious domain registrations).
The Center's quarter over quarter key statistics report that 70% of unique domains reported for phishing were maliciously registered (208,000 of 297,000). This is a 4% increase over the previous quarter.
My advice: put more stock in trend lines than any single measure that creates temporary euphoria.