Tag: Netcraft

Contents How to Prevent Phishing Attacks How do these phishing attacks work? What’s the impact of these phishing attacks? Loss of Customer Trust Brand Reputation Damage Financial and Legal Ramifications Increased Customer Service Burden Why are so few organizations responding…

Read more →

In the October 2024 survey we received responses from 1,131,068,688 sites across 271,754,817 domains and 13,003,235 web-facing computers. This reflects an increase of 12.0 million sites, 971,957 domains, and 62,565 web-facing computers. OpenResty experienced the largest gain of 2.2 million…

Read more →

Key data  This article explores Netcraft’s research into Xiū gǒu (修狗), a phishing kit in use since at least September 2024 to deploy phishing campaigns targeting the US and UK, Spain, Australia, and Japan. Insights include: A branded mascot and…

Read more →

Key data  This article explores Netcraft’s research into the HookBot malware family and associated attacks on Android devices, including examples of:  Typical HookBot behaviors, such as the use of overlay attacks  The types of brands and apps being impersonated  How…

Read more →

In the wake of the second US presidential election debate between Democrat Kamala Harris and Republican Donald Trump (September 10), Netcraft identified a series of crypto investment scams monopolizing on the publicity around this key event.  Our research uncovered 24…

Read more →

This article explores Netcraft’s research into the recent surge in QR code parking scams in the UK and around the globe. Insights include:  At least two threat groups identified, one of which Netcraft can link to customs tax and postal…

Read more →

In the September 2024 survey we received responses from 1,119,023,272 sites across 270,782,860 domains and 12,940,670 web-facing computers. This reflects an increase of 11.2 million sites, 717,065 domains, and 70,346 web-facing computers. Cloudflare experienced the largest increase of 3.1 million…

Read more →

This article explores Netcraft’s research into the use of generative artificial intelligence (GenAI) to create text for fraudulent websites in 2024. Insights include:  A 3.95x increase in websites with AI-generated text observed between March and August 2024, with a 5.2x…

Read more →

In the August 2024 survey we received responses from 1,107,785,375 sites across 270,065,795 domains and 13,011,016 web-facing computers. This reflects an increase of 3.6 million sites, a loss of 364,061 domains, and an increase of 119,600 web-facing computers. Cloudflare experienced…

Read more →

New Threat Intelligence confirms connections underpinning pig butchering and investment scams Much like companies in the legitimate economy, criminals also specialize: focusing on their core strengths and using third-party Software-as-a-Service platforms and tools to outsource the rest of the business…

Read more →

In the July 2024 survey we received responses from 1,104,170,084 sites across 270,429,856 domains and 12,891,416 web-facing computers. This reflects an increase of 2.7 million sites, 1.3 million domains, and 25,984 web-facing computers. Cloudflare experienced the largest gain of 2.7…

Read more →

For the past year, Netcraft researchers have been tracking a threat actor using generative AI to assist in the creation of 17,000+ phishing and lure sites. These sites operate as infrastructure for phishing attacks that target more than 30 major…

Read more →

More than $40k lost to crypto drainer scams leveraging IPFS and malicious code hidden behind look-alike CDN imitations. At Netcraft, we’ve been disrupting cryptocurrency-based scams for over 10 years, including more than 15,000 IPFS phishing takedowns since 2016. As we closely…

Read more →

More than $40k lost to crypto drainer scams leveraging IPFS and malicious code hidden behind look-alike CDN imitations. At Netcraft, we’ve been disrupting cryptocurrency-based scams for over 10 years, including more than 15,000 IPFS phishing takedowns since 2016. As we closely…

Read more →

In the June 2024 survey we received responses from 1,101,431,853 sites across 269,118,919 domains and 12,865,432 web-facing computers. This reflects an increase of 4.0 million sites, an increase of 981,220 domains, and a decrease of 33,027 web-facing computers. OpenResty experienced…

Read more →

Being a victim of fraud can be devastating enough, but that’s not always the end of the story. Often, fraud victims can be targeted again – only this time by people claiming that they can recover the victim’s initial losses. …

Read more →

Criminals are opportunists, ready to exploit any perceived weakness, from humanitarian efforts to presidential campaigns. Recently, Netcraft has been monitoring a series of attacks surrounding the Trump campaign, particularly following two developments: the May 21st announcement of crypto donations and…

Read more →

Losses to investment scams, romance fraud, and pig butchering reached $4.6 billion in the United States, a 38% increase in 2023. These scams often play out in private peer-to-peer conversations between victim and criminal, well beyond the reach of typical…

Read more →

Fake pharmacies sell prescription-only drugs without a license and without requiring a valid prescription from a doctor. The storefronts are advertised to consumers through web searches, social media, and unsolicited spam emails. As you might expect, many of these platforms…

Read more →

In the May 2024 survey we received responses from 1,097,398,145 sites across 268,137,699 domains and 12,898,459 web-facing computers. This reflects an increase of 4.4 million sites, 202,938 domains, and 26,168 web-facing computers. Cloudflare experienced the largest gain of 4.4 million…

Read more →

Netcraft, the global leader in digital risk protection and threat intelligence, announced its new Conversational Scam Intelligence platform at RSAC in San Francisco, which builds on Netcraft’s intentional approach to using AI to stay ahead of criminals and protect client…

Read more →

On Monday 6th May, Netcraft will be heading to San Francisco along with thousands of other cyber security professionals for RSA Conference 2024. If you’re attending too, we thought we’d share a few insights into how it all started. Use…

Read more →

In the April 2024 survey we received responses from 1,092,963,063 sites across 267,934,761 domains and 12,872,291 web-facing computers. This reflects a gain of 2.8 million sites, a loss of 3.9 million domains, and a gain of 244,716 web-facing computers. OpenResty…

Read more →

Autodesk is hosting malicious PDF files that lead phishing attack victims to have their Microsoft login credentials stolen. The elaborate phishing campaign behind these attacks is much more convincing than normal, as it uses compromised email accounts to find and…

Read more →

Investment scams and AI – a match made in heaven?   Online investment scams are a big money spinner for criminals, accounting for $4.6B of losses in the US. With the explosion of interest in artificial intelligence (AI) following the…

Read more →

Advance fee fraud campaigns are using generative AI in both text and video to speed up responses, evade filters, and make scams more convincing. Large Language Models and other forms of Generative AI (GenAI) promise to make many people more…

Read more →

Chinese-language Phishing-as-a-Service platform ‘darcula’ targets organizations in 100+ countries with sophisticated techniques using more than 20,000 phishing domains   ‘darcula’ [sic] is a new, sophisticated Phishing-as-a-Service (PhaaS) platform used on more than 20,000 phishing domains that provide cyber criminals with easy…

Read more →

In the March 2024 survey we received responses from 1,090,117,902 sites across 271,804,260 domains and 12,627,575 web-facing computers. This reflects an increase of 3.2 million sites, 662,534 domains, and 138,322 web-facing computers. OpenResty experienced the largest gain of 3.0 million…

Read more →

A staggering 12.6 million domains on TLDs controlled by Freenom (.tk, .cf and .gq) have been shut down and no longer resolve, leading to a significant reduction in the number of websites hosted by Cloudflare. The disappearance of these websites…

Read more →

Online investment scams are a global, growing, and uniquely pernicious threat. In newly released data, the Federal Trade Commission attributed more than $4.6 billion of US fraud losses in 2023 to investment scams, more than any other fraud category, and…

Read more →

Ahead of the EU’s Digital Market Act forcing Apple’s hand to permit alternative app download options, is the amount of malware in the existing grey-market for sideloading iPhone apps a portent for things to come? Or has Apple’s approach, despite…

Read more →

In the February 2024 survey we received responses from 1,086,916,398 sites across 271,141,726 domains and 12,489,253 web-facing computers. This reflects an increase of 7.8 million sites, 694,270 domains, and 151,543 web-facing computers. OpenResty made the largest gain of 4.7 million…

Read more →

Netcraft has recently observed that criminals abused SendGrid’s services to launch a phishing campaign impersonating SendGrid itself. The well-known provider, now owned by Twillio, makes sending emails at scale simple and flexible. In addition to scale, the promise of high…

Read more →

Criminals can now deploy phishing sites on any type of web server, even when commonly used server-side technologies such as PHP are not supported. Phishing kits are predominantly implemented in PHP, as this provides the server-side functionality required to store…

Read more →

In the January 2024 survey we received responses from 1,079,154,539 sites across 270,447,456 domains and 12,337,710 web-facing computers. This reflects a loss of 8.9 million sites, a gain of 1.2 million domains, and a loss of 17,900 web-facing computers. nginx…

Read more →

In recent months, we’ve noticed an increased number of high-volume health product campaigns that exploit cheap top-level domains (TLDs), reaching up to 60% of a TLD’s daily domain registrations. This blog looks at current trends around health product scams and…

Read more →

QR Code phishing scams — What they are and how to avoid them. Originally invented to keep track of car parts in the early 90s, QR codes have been around for decades. After gaining broader acceptance during the COVID-19 pandemic,…

Read more →

In the December 2023 survey we received responses from 1,088,057,023 sites across 269,268,434 domains and 12,355,610 web-facing computers. This reflects a loss of 4.1 million sites, an increase of 238,593 domains, and a loss of 128,028 web-facing computers. nginx experienced…

Read more →

Sri Lanka and Bangladesh have a successful history of co-hosting the Cricket World Cup, but today the two countries’ governments have found themselves on a sticky wicket by co-hosting a phishing attack that targets UK banking customers. Victims lured to…

Read more →

It has been six months since Netcraft first reported on abuse of the new .zip TLD, outlining the fraudulent activity we detected and blocked. Within weeks of its launch, Netcraft had detected many fresh .zip domain registrations designed to exploit…

Read more →

In the November 2023 survey we received responses from 1,092,141,942 sites across 269,029,841 domains and 12,483,638 web-facing computers. This reflects a loss of 1.2 million sites, a gain of 1.1 million domains, and a gain of 112,102 web-facing computers. OpenResty…

Read more →

As Black Friday (and Cyber Monday) approaches, the annual online sales phenomenon shows no sign of slowing down, and neither do cybercriminals looking to take advantage of the busiest shopping days of the year. The kick-off to holiday shopping, much…

Read more →

The InterPlanetary File System (IPFS) is a content-addressed peer-to-peer file sharing network from Protocol Labs being exploited by cybercriminals to host phishing sites and other malicious content. Often associated with the web 3.0 movement, it allows its users to upload,…

Read more →

Given the global interest in artificial intelligence (AI), it comes as no surprise that cybercriminals are looking to exploit the media hype. 2023 has seen a rapid increase in AI-themed attacks, following the release of Large Language Model (LLM)-powered chatbot…

Read more →

In the October 2023 survey we received responses from 1,093,294,946 sites across 267,962,271 domains and 12,371,536 web-facing computers. This reflects an increase of 8.3 million sites, 13.2 million domains, and 96,682 web-facing computers. The largest gains this month came from…

Read more →