The APWG, a committee dedicated to combating Internet scams and fraud, released what they call the Global Phishing Survey today. The report, which analyzed more than 30,000 phishing websites in 2008, can be downloaded here (PDF).
The organization measured the prevalence of a given domain using the metric “phishing attacks per 10,000.” It looked at TLDs with a minimum of 30,000 registrations. Venezuela’s .ve came in first, with a score of 182.3 attacks per 10,000 domains. Trailing far behind in second is Thailand with a score of 22.1 for its .th domain.
France came in eleventh with a score of 3.3. The .uk extension didn’t make the list. Surprisingly, .info had a low score. It bested .com’s 1.8 and .org’s 2.1 with a rock-bottom 1.0. The median score was 2.7 and the average was 6.3, a number which the APWG admits is skewed by TLDs with a high number of registrations.
A good part of the report lauded the .info registry, Afilias, for its work in fighting fishing. This is interesting considering one of the two authors of the report, Greg Aaron, works for Afilias as the Director of Key Account Management and Domain Security. He is also on the APWG committee.
In a press release, Aaron made this comment:
The .INFO registry is at the forefront of protecting Internet users from online identity theft across the world. In January 2008, Afilias implemented a vigorous anti-phishing program working closely with .INFO registrars. We are pleased that the hard work of the .INFO anti-phishing team and dedicated registrars have propelled .INFO to the top spot for safety from phishing.
In 2007, McAfee rated .info as the most dangerous generic TLD. According to the computer security giant, 7.5% of .info sites are potentially dangerous. The domain has long been considered a haven for spam and malware.
APWG also conducted the Global Phishing Survey in 2007 (PDF). That year, .hk had the number one spot with a score of 113.2. The .info TLD still had the lowest score, but it was more than twice as high at 2.6.
However, keep in mind that both APWG surveys rated .info as the safest among the top-20 phishing TLDs. This means that Aarons’ claim of .info being in “the top spot for safety from phishing” is false.
The 2007 survey, which was actually released in 2008, had an interesting component missing from the just released report. It listed the TLDs with the lowest scores. Dot-mobi and .eu had the lowest scores, with 0.6 and 0.7 respectively, while .uk came in third-safest at 1.5. Why weren’t the lowest scores reported in the new survey?
Maybe .info has become safer since 2007, but I would hold off on making any sort of judgment until the results are verified by a more neutral third party. The Global Phishing Survey is just too “phishy” for me to swallow.