Interisle 2021 Phishing Study Reports a 70% Increase in Phishing

10/04/2021 09:54:51 AM

My Interisle colleagues, together with Greg Aaron of Illumintel, have published a study, Phishing Landscape 2021: A study of the scope and distribution of phishing.

From 1 May 2020 through 30 April 2021, we collected nearly 1.5 million phishing reports. Our analyses found ~700,000 phishing attacks among the reports collected.

Highlights from the study:

Phishing increased by nearly 70% over the yearly period.
Most phishing is concentrated at small numbers of
domain registrars, domain registries, and hosting providers.
The top 10 brands targeted accounted for 46% of the phishing attacks associated with specific brands.
Phishing attacks are disproportionately concentrated in new Top-level Domains (TLD).

We studied registration behaviors among phishers and found that when phishers register domains, they tend to use them quickly.

57% of domains reported for phishing were used within 14 days following registration and more than half of those were used within 48 hours.

We also developed a method for distinguishing maliciously registered domain names from legitimate but compromised domain names and found that 65% of phishing occurs on domains registered by phishers, for phishing attacks.