A recent study conducted by Interisle Consulting has revealed a significant increase in phishing attacks, with a nearly 40 percent rise in the year ending August 2024. The study found that a large portion of this growth is concentrated at a small number of new generic top-level domains (gTLDs), such as .shop, .top, and .xyz, which are attractive to scammers due to their low prices and minimal registration requirements.
These new gTLDs, introduced in the last few years, make up just 11 percent of the market for new domains but accounted for approximately 37 percent of cybercrime domains reported between September 2023 and August 2024. The data for this study was sourced from anti-spam organizations, including the Anti-Phishing Working Group (APWG), the Coalition Against Unsolicited Commercial Email (CAUCE), and the Messaging, Malware, and Mobile Anti-Abuse Working Group (M3AAWG).
While .com and .net domains constitute about half of all registered domains in the past year, they only make up over 40 percent of cybercrime domains. On the other hand, new gTLDs account for 37 percent of cybercrime domains due to their cheap registration fees and lack of stringent verification processes.
Despite the prevalence of cybercriminal activity on new gTLDs, the Internet Corporation for Assigned Names and Numbers (ICANN) is planning to introduce more of these domains in the future. ICANN’s proposed next round envisions accepting applications for new gTLDs in 2026, a move that has raised concerns among experts in the industry.
John Levine, author of “The Internet for Dummies” and president of CAUCE, expressed apprehension about expanding the number of gTLDs without implementing stricter registration policies. He emphasized that ICANN needs to prioritize combating cybercrime over profit-driven initiatives.
In addition to the rise in phishing attacks, Interisle’s study also highlighted changes in the targets of these attacks. While major technology companies like Apple, Facebook, Google, and PayPal were traditionally the most-phished entities, the U.S. Postal Service emerged as the primary target in the past year.
One alarming trend noted in the study is the increasing use of subdomains by phishers, utilizing platforms like blogspot.com, pages.dev, and weebly.com to evade detection. These subdomain providers make it challenging to mitigate cyberattacks as only the provider can disable malicious accounts or remove harmful web pages.
Overall, the study underscores the need for increased vigilance and stricter regulations in the domain registration industry to combat the growing threat of phishing attacks. Organizations and individuals are advised to exercise caution when interacting with unfamiliar domains and to report suspicious activities to relevant authorities.