HOME | ABOUT US | INSIGHTS | WHITE PAPERS | CLIENT SERVICES | OUR ASSOCIATES | CONTACT US

HOME

ABOUT US

INSIGHTS

WHITE PAPERS

Phishing Landscape 2021

Domain Security 2021

Contact Data Study 2021

Phishing Landscape 2020

Domain Registration Data

Criminal Abuse of Domain Names

It's Not About the Internet

Protecting and Promoting the Open Internet

Interconnection and Peering among ISPs

Authentication Issues for Financial Services

Fostering Business Resilience

CLIENT SERVICES

OUR ASSOCIATES

CONTACT US

Insights | White Papers

Phishing Landscape 2021:
An Annual Study of the Scope and Distribution of Phishing

Executive Summary    Full Report   

The study, which analyzes nearly 1.5 million phishing reports representing 700,000 phishing attacks, shows that phishing increased by nearly 70% over the period 1 May 2020 through 30 April 2021.

Phishing continues to pose a significant threat to millions of Internet users. Among the major findings in the study, Interisle reports that:

  • Most phishing is concentrated at small numbers of domain registrars, domain registries, and hosting providers. 69% of the domains used for phishing were registered in 10 Top-level Domains and 69% were registered through just 10 registrars.
  • Phishing attacks are disproportionately concentrated in new gTLDs (nTLDs). While the new TLDs' market share decreased during our yearly reporting period, phishing among the new TLDs has increased.
  • Phishing domain registrations in some TLDs are overwhelmingly dominated by a small number of registrars. In some cases, 90% or more of the malicious domains in a TLD were registered through one gTLD registrar.
  • 41% of all phishing attacks occurred at just ten hosting providers. We identified 4,110 hosting networks (ASNs) where phishing web sites were reported. 28% of all phishing attacks occurred on just four hosting networks.
  • Phishers targeted 1,804 businesses or organizations during the 1 May 2020 to 30 April 2021 period. The top 10 brands targeted over the course of our annual period account for 46% of the reported phishing attacks.
  • When phishers register domains, they tend to use them quickly. 57% of domains reported for phishing were used within 14 days following registration and more than half of those were used within 48 hours.

The study also reports that most phishing occurs on domains purposely (maliciously) registered for phishing attacks. Interisle determined that 65% of domains associated with phishing attacks were maliciously registered.

You may read an Executive Summary of the Report or the complete Report.

Comments can be submitted to criminaldomainabuse@interisle.net

The opinions, findings, and conclusions or recommendations expressed in this report are the product of independent work conducted by Interisle Consulting Group, without direction or other influence from any outside party, including parties that may have provided funding to support the work.
 

World class expertise
in Internet technology
and network strategy




Privacy Statement

© Interisle Consulting Group