Recently, CNNIC National Engineering Laboratory for Naming and Addressing, in cooperation with Anti-Phishing Working Group (APWG) and Anti-Phishing Alliance of China (APAC), released the 2014 Global Chinese Phishing Attack Trends Report. The statistics insist of three sources: the phishing attacks reported to the Anti-Phishing Alliance of China (APAC), the phishing attacks detected by the National Engineering Laboratory for Naming and Addressing, and the global Chinese phishing attacks reported to the Anti-Phishing Working Group (APWG). The report analyzes the status and the development trends of global Chinese phishing attacks in 2014, which targeted Chinese Internet users, aiming at providing the government, the industry and Internet users the current situation of Chinese phishing attacks.

 

Key statistics of the 2014 Global Chinese Phishing Attack Trends Report：

 

·In 2014, a total of 55,063 Chinese phishing attacks were detected worldwide, which is a little lower than that of 2013 but still remains at a high level. Chinese phishing occurred in 143 top-level domains (TLDs), with 13 more than that of 2013. 

 

·In 2014, 78.4% of the Chinese phishing attacks used three TLDs:.COM, .TK, and .PW. 

 

·In 2014, the top ten TLD, which had the most Chinese phishing sites per 10,000 registered domain names, are: .CF, .PW, .ML, .GA, .EDU, .SX, .CC, .GD, .BI, and .TL, among which .CF, .ML, and .GA ccTLD registries offer free domain names. 

 

·In 2014, the top three targets accounting for 92.1% of Chinese phishing attacks are: Taobao, Industrial and Commercial Bank of China (ICBC), and Human Satellite TV. 

 

·In 2014, 322 Chinese phishing attacks occurred in new gTLDs, including .XYZ, .WANG, .SEXY and .CLUB. 

 

·In 2014, the average uptime of Chinese phishing attacks was 33.1 hours; by comparison, that of the global phishing attacks was 31.2 hours.

 

·With the rapid development of the Internet and its penetration in various industries, the security problems and challenges are becoming more and more serious. Since phishing has become a more and more serious threat to network security, Internet users should enhance awareness, and jointly create a healthy and safe network environment.