“Starting on the afternoon of October 5, 2004, we started seeing a massive increase in the amount of phishing sites,” the group reports. “It appears as though some sort of toolkit is available and/or a set of tools that are being used to produce similar exploits. The sudden large spike may, however, indicates that some automation may be involved.”
The APWG has made some changes in its reporting since its last report in July, discontinuing public reporting about the most frequently attacked targets, and shifting its focus from the number of e-mail scams to the sites hosting them.
The APWG said that while the U.S. still has the largest share of phishing sites (29%), the recent surge in attacks has occurred almost entirely on non-American servers.