The figures form part of the APWG's Phishing Activity Trends Report (PDF) which highlighted aggressive sub-domain phishing tactics in which phishers load a large number of dangerous URLs on the same domain.
This method is similar to tactics employed by phishing gangs in late 2006, when phishers were placing thousands of phishing URLs under the same domain.
"They are trying to overwhelm the filtering mechanisms in browsers and anti-phishing programs by using many URLs, some of which may resolve to the same phishing site," said Peter Cassidy, secretary general of the APWG.
Phishers create unique URLs by randomising the subdomain of a registered site to create new addresses that are not found on security software blacklists, thereby avoiding detection.
Financial services continue to be the most targeted industry sector at 92.5 per cent of all attacks in April, followed by social networking sites, VoIP companies and large web-based email providers.
The US continued to host the most phishing websites and several large US banks were among the most-attacked brands. Two top US banks were targeted for at least two months in a row.
A large number of European banks were hit in April, making up seven of the 20 most targeted brands over the course of the month.
Despite the huge jump in phishing sites, the unique phishing reports submitted to the APWG in April was 23,656, a drop of over 1,000 from March.
.png&h=140&w=231&c=1&s=0)
.png&w=120&c=1&s=0)
EDUtech AU
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Integrate Expo 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
iTnews Benchmark Security Awards 2025
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
