PhishTank Annual Report: U.S. telecoms hosting phishes; OpenDNS offering a solution
posted by Allison on October 9th, 2007 in Community, Data, Hosts, PhishTank, PhishTank in the news, Statistics
With a full twelve months under our belt, today OpenDNS published the first-ever PhishTank annual report.
The report looks at the more than 300,000 phishes you’ve submitted and helped verify over the course of one year. While some of the report’s findings come as no surprise (e.g., PayPal and eBay round out the top of the list of most spoofed brands), some are alarming. Perhaps the most important finding, and the one that drove us to come up with a fix, is that U.S. telecoms are hosting more phishes than telecoms in any other country.
I think lots of American organizations are led to believe that phishing is something they can do nothing about, aside from simply educating themselves and their people on how to identify phoney emails. Not the case. Starting today we invite all telecoms and other organizations to search PhishTank by their ASN (Autonomous System Number) or brand name. We’ll even deliver information about phishes hosted on their network via a RSS feed. As a hosting provider, once you know about phishes on your network it’s easy to stop them.
Here’s a list of the U.S. telecoms hosting the most phishes, according to PhishTank:
1. SBC – 53,666
2. Comcast – 28,016
3. Roadrunner – 25,925
4. Charter – 12,544
5. Internet Services – 10,332
6. Inktomi Corporation – 9,293
7. XO Communications – 8,511
8. Bresnan Communications – 8,408
9. Advanced Internet Technologies – 8,274
10. Park Region Mutual Telephone Co. – 7,566
Other interesting report findings include:
18 percent of all verified phishing Web sites were hosted on just three IP addresses.
Web sites ending in “.cn” – the Top Level Domain (TLD) assigned to China – account for four of the top five Web sites with the most valid phishes.
One unique phishing scam is launched every two minutes.
You can read the full press releases about the annual report findings here and the new ASN and brand search here.
Thanks to everyone who contributed to what Brian Krebs of the Washington Post today called “one of the most comprehensive data sets ever published on [phishing], offering fascinating insights on the scope and increasing sophistication of phishing attacks.” 
