Phishing, as Wikipedia defines it, is the “criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication.” Phishing is a prevalent problem for e-commerce business owners because it strikes at the heart of a business’s goodwill, namely, consumer trust. In 2007, ICANN’s Anti-Phishing Working Group (APWG) conducted a survey and analysis of the relationship between domain name registration and administration and phishing scams. The study focused on a new and disturbing trend in registrar impersonation and other fraudulent domain name uses.
The APWG study found that brand name top-level domain names (TLDs) rarely matter to phishers. Instead, they have been utilizing generic TLDs with subdomains that incorporate famous trademarks to confuse Internet users. Phishers choose a TLD based on its registrar’s anti-abuse policy, not on domain name prices. And phishing from shared hosting services, such as Yahoo’s Geocities, is down.
The study also found that phishers use random number generators to generate URLs with subdomains that are unique to each email or instant message sent to an Internet user. These dynamic URLs typically point to the same phishing scam, but the randomly numbered subdomains allow the messages to get around spam filters that check for duplicate links to the same URL. Phishers also use one domain name to phish multiple brand names, and some forgo domain names altogether and use IP addresses.
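The following is an added illustration, not code from the APWG study or this article: a mail filter can defeat per-message subdomains by reducing every link to its registrable domain (or IP address) plus path before counting duplicates. The `SUFFIXES` set is an assumed stand-in for the full Public Suffix List, and the sample links are constructed placeholders.

```python
import ipaddress
from collections import defaultdict
from urllib.parse import urlsplit

# Assumption: tiny stand-in for the Public Suffix List; a real filter loads the full list.
SUFFIXES = {"com", "net", "org", "hk", "ru", "pl", "com.hk"}

def filter_key(url):
    """Collapse a URL to (registrable domain or IP, path) so random subdomains vanish."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".").lower()
    path = parts.path or "/"
    try:
        # Links that skip domain names entirely are keyed on the address itself.
        return str(ipaddress.ip_address(host)), path
    except ValueError:
        pass
    labels = host.split(".")
    # Longest matching suffix wins; keep exactly one label to its left.
    for n in (2, 1):
        if len(labels) > n and ".".join(labels[-n:]) in SUFFIXES:
            return ".".join(labels[-(n + 1):]), path
    return host, path

def cluster(urls, min_hosts=3):
    """Return keys reached through at least min_hosts distinct hostnames."""
    hosts = defaultdict(set)
    for u in urls:
        hosts[filter_key(u)].add(urlsplit(u).hostname)
    return {k: len(v) for k, v in hosts.items() if len(v) >= min_hosts}

# Constructed sample links (example.* names and 192.0.2.10 are placeholders).
SAMPLE = [
    "http://bank.83920174.example.com/login",
    "http://bank.10293847.example.com/login",
    "http://bank.55501928.example.com/login",
    "http://www.example.org/news",
    "http://192.0.2.10/login",
    "http://shop.4471.example.com.hk/pay",
]

if __name__ == "__main__":
    for key, count in cluster(SAMPLE).items():
        print(key, "seen via", count, "distinct hostnames")
```

A key that many distinct hostnames map to is the signal the duplicate-link check misses when it compares full URLs.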
Since phishing scams are usually hosted on compromised computers and domain names, taking down a domain name to combat the scam often interrupts service to the compromised user’s website. The APWG found that phishing occurred on domain names registered under 182 different TLDs. Among the generic top-level domains (gTLDs), .com hosted the most phishing scams, with 23,860. The .net and .org gTLDs came in second and third, with 3,973 and 2,627 respectively. Among country code TLDs (ccTLDs), .hk ranked the highest, with 1,707. The .ru (Russia) and .pl (Poland) ccTLDs came in second and third, with 684 and 581 respectively.
If you have been the victim of a phishing scam or if you would like to protect your e-commerce business from phishing attacks, please contact an attorney with experience in this area.