Phishers use legitimate SSL certificates to fool victims

Phishers use legitimate SSL certificates as these increase chances that users will click on the links as they believe the sites are genuine and can be trusted. “End users would only notice the deception if they reviewed the certificate or had other visual indicators, such as whether or not the site was secured with an extended validation SSL certificate”, Symantec said.

Sectors hit by phishing

  • Financial: 81%
  • Information services: 17%
  • Government: 1%
  • Other: <1%

The phishing report found a 52% increase in the number of phishing attacks in July from June. The increase was mainly seen in the information services sector due to a large phishing toolkit attack targeted towards a social networking brand.

In fact, 63% of the phishing URLs were generated using phishing toolkits, a 150% increase over the previous month, Symantec found.

Global distribution of phishing sites

  • USA: 35%
  • Germany: 5%
  • Romania 5%

The use of web hosting services for phishing attacks was down 14% to around 130+ services, and there was a 17% fall in non-English phishing sites.

Phishers are also using IP addresses as part of the hostname instead of a domain name, Symantec found. “This is a tactic used to hide the actual fake domain name that otherwise can be easily noticed. Also, many banks use IP addresses in their website URLs.”

Country of origin of spam

  • US: 25%
  • Brazil: 12%
  • South Korea: 6%
  • Turkey: 4%
  • India: 4%

Still, July saw a 29% fall in IP address attacks from the previous month, with 1067 phishing attacks in 61 countries.

State of spam

Overall spam volumes in July averaged at 89% of all emails. Image spam made up 17% of all spam. Health spam was down 17%, product spam up eight percent and 419 spam up three percent.

Spam categories

  • Internet: 28%
  • Products: 21%
  • Financial: 16%
  • Health: 11%
  • 419 spam: 9%

Topics favoured by spammers included the 200 day mark for the Obama administration on 6 August – especially on the topic of health as President Obama has promised a series of reforms to the healthcare system. Michael Jackson’s death also featured high on the list as well as the release of the latest Harry Potter film.

As always, spammers also made use of message subject lines often used in legitimate email messages by valid companies.


Symantec urged users to be aware of SSL certificate frauds, avoid clicking on suspicious links and/or attachments, to rather type URLs directly into web browsers and to keep software updated.

What’s hot on Infosecurity Magazine?