APWG Report: Phishers Shift to Target Online Game Players

Criminals Diversify Choices of Targets, Increase Use of Crimeware

BUENOS AIRES, Argentina--()--The APWG reports in its Q4 2012 Phishing Activity Trends Report this week that phishing attacks against online game players saw a massive increase, climbing from 2.7 percent of all phishing attacks in Q3 to 14.7 percent in Q4.

“The success of the sector and the richness of in-game commerce options available in online game systems has attracted the attention of phishers who’ve had a decade to hone their skills against online banking and commerce systems. Playing safe is an important today as playing fair,” said APWG Secretary General Peter Cassidy.

Attacks against social media sites doubled to 6 percent, up from 3 percent in Q3. Financial services continued to be the most-targeted industry sector in the fourth quarter, with payment services close behind, the report found.

Online gaming credentials are valuable to certain criminals, who sell them on the black market. In-game items held in those accounts can also be sold by phishers for real-world cash. Depending upon how much information is revealed, the victims can even have their real-life identities stolen.

Overall the APWG’s statistics show that the number of phishing sites declined every month from April 2012 through December 2012. In Q4, the APWG received reports of 51,232 unique phishing sites in October, falling to 28,195 in December. This and other statistics reveal that criminals are relying less on pure social engineering scams such as classic phishing based on social engineering schemes. Instead, there is increased emphasis on deploying crimeware – malware designed to steal the user’s credentials automatically and placing them in the phisher’s control.

Trojans continue to account for about three-quarters of all newly detected crimeware threats. The penetration of malware payloads is also high. According to APWG contributor Luis Corrons of PandaLabs, during Q4 about 30 percent of personal computers worldwide were infected with malware. More than 57 percent of PCs in China may have been infected, while PCs in European nations were infected least-often.

“These shifts are due to fraudsters using more advanced phishing techniques, such as geo-IP blocking and malware,” said Ihab Shraim, Chief Information Security Officer and VP, Anti-Fraud Engineering & Operations at MarkMonitor. “Phishers are also taking advantage of the availability of non-traditional platforms such as social media and mobile to launch newer types of targeted phishing attacks.”

The full text of the report is available here: http://docs.apwg.org/reports/apwg_trends_report_Q4_2012.pdf

About the APWG

The APWG, founded in 2003 as the Anti-Phishing Working Group, is the global industry, law enforcement, and government coalition focused on unifying the global response to electronic crime. Membership is open to qualified financial institutions, online retailers, ISPs and Telcos, the law enforcement community, solutions providers, multi-lateral treaty organizations, research centers, trade associations and government agencies. There are more than 2,000 companies, government agencies and NGOs participating in the APWG worldwide. The APWG's www.apwg.org and education.apwg.org websites offer the public, industry and government agencies practical information about phishing and electronically mediated fraud as well as pointers to pragmatic technical solutions that provide immediate protection. The APWG is co-founder and co-manager of the Stop. Think. Connect. Messaging Convention, the global online safety public awareness collaborative www.stopthinkconnect.org and founder/curator of the eCrime Researchers Summit, the world's only peer-reviewed conference dedicated specifically to electronic crime studies www.ecrimeresearch.org.

Among APWG's corporate sponsors are as follows: Afilias Ltd., AhnLab, AT&T(T), Avast!, AVG Technologies, BBN Technologies, Barracuda Networks, BillMeLater, Bkav, Booz Allen Hamilton, Blue Coat, BrandMail, BrandProtect, Bsecure Technologies, Check Point Software Technologies, Comcast, CSIRTBANELCO, Cyber Defender, Cyveillance, Domain Tools, Donuts.co, Easy Solutions, eBay/PayPal (EBAY), eCert, EC Cert, ESET, EST Soft, Facebook, Fortinet, FraudWatch International, F-Secure, GlobalSign, GoDaddy, Google, GroupIB, Hauri, Hitachi Systems, Ltd., Huawei Symantec, ICANN, Iconix, IID, IronPort, ING Bank, Intuit, IT Matrix, Kindsight, LaCaixa, Lenos Software, MailShell, MarkMonitor, M86Security, McAfee (MFE), Melbourne IT, MessageLevel, Microsoft (MSFT), MicroWorld, Mirapoint, NHN, MyPW, nProtect Online Security, Netcraft, Network Solutions, NeuStar, Nominet, Nominum, Public Interest Registry, Panda Software, Phishlabs, Phishme.com, Phorm, Planty.net, Prevx, Proofpoint, QinetiQ, Return Path, RSA Security (EMC), RuleSpace, SAIC (From Science to Solutions), SalesForce, SecureBrain, S21sec, SIDN, SoftForum, SoftLayer, SoftSecurity, SOPHOS, SunTrust, SurfControl, Symantec (SYMC), Tagged, TDS Telecom, Telefonica (TEF), TransCreditBank, Trend Micro (TMIC), Vasco (VDSI), VeriSign (VRSN), Websense Inc. (WBSN), Wombat Security Technologies, Yahoo! (YHOO),zvelo and ZYNGA.

Contacts

APWG
Peter Cassidy, +1-617-669-1123
pcassidy@apwg.org
http://www.apwg.org
or
PandaLabs
Luis Corrons
lcorrons@pandasoftware.es
http://www.pandasoftware.es
or
Websense
publicrelations@websense.com
http://www.websense.com
or
Internet Identity:
Andrew Goss, +1-253-853-5151 ext. 224
pr@internetidentity.com
or
MarkMonitor
Te Smith, +1 831-818-1267
Te.Smith@markmonitor.com
http://www.markmonitor.org

Release Summary

APWG reports this week that phishing attacks against online game players saw a massive increase, climbing from 2.7 percent of all phishing attacks in Q3 to 15 percent in Q4

Contacts

APWG
Peter Cassidy, +1-617-669-1123
pcassidy@apwg.org
http://www.apwg.org
or
PandaLabs
Luis Corrons
lcorrons@pandasoftware.es
http://www.pandasoftware.es
or
Websense
publicrelations@websense.com
http://www.websense.com
or
Internet Identity:
Andrew Goss, +1-253-853-5151 ext. 224
pr@internetidentity.com
or
MarkMonitor
Te Smith, +1 831-818-1267
Te.Smith@markmonitor.com
http://www.markmonitor.org