How Much Phishing is Too Much Phishing?

What’s going on?

• First off, the exact size of the phishing problem remains unknown. However, the problem is bigger than it seems.
• Most phishing is focused on a small number of domain registrars and registries and hosting providers. 
• Of all the maliciously registered domains, 65% is used within 5 days of registration.
• Around 9% of phishing attacks are conducted on a small number of subdomain service providers. 

Some phishing instances

• The Australian Cyber Security Centre issued an alert warning of a wave of Emotet attacks targeting the critical infrastructure and government agencies in the country.
• A digital marketing agency, teamDigital, was found exposing clients’ sensitive data. The clients include NFL, NBL, Mastercard, and Soundcloud, among others. This data leak can possibly lead to targeted phishing and ransomware campaigns. 
• G7 finance ministers expressed their concern over the rise of ransomware attacks against hospitals, educational institutions, and critical infrastructure. 

You cannot catch every phish

• Phishing attacks go on for a limited duration. The limited time frame is not enough to confirm the presence of a phishing site.
• The internet is huge. This implies that each blocklist provider has a limited visibility into attacks. 
• A firm using a single blocklist provider leaves its users prone to various phishing attacks over time. No single solution is capable of providing entire protection, thus, giving attackers an upper hand over defenders.

The bottom line