Site Search
Security business menu
Security business
HOME
Service
Handling Manufacturer
Examples/reports/
Blog/Glossary
Seminar/
video on demand
Event/Seminar
video on demand
User case
Security Report
blog
Glossary
Past and present of domain names used for phishing sites

About reports

This report discusses recent trends in domain abuse in phishing site URLs through the results of research conducted in collaboration with Fujitsu Defense & National Security Ltd.

Download the report "The past and present of domain names used for phishing sites"

Traditional phishing attacks have been devised by combining strings of characters imitating major brand names in phishing URLs. However, after analyzing five years of phishurl-list (a database of URLs used in phishing) provided by JPCERT/CC, it was found that the techniques have changed to phishing URLs that do not contain brand names and to the misuse of subdomains. This suggests that it is becoming more difficult to detect phishing sites using traditional phishing URL detection technology.

<Figure 3 Number of URLs by phishurl-list format and percentage of subdomain types in the total

<Figure 3 Number of URLs by phishurl-list format and percentage of subdomain types in the total

table of contents

  • Summary
  • Survey method and data
  • Overall trends of phishing site URLs
  • Domain abuse trends in phishing site URLs
  • Summary
  • References

Report: "The past and present of domain names used for phishing sites"

Download the report here