On Monday 6th May, Netcraft will be heading to San Francisco along with thousands of other cyber security professionals for RSA Conference 2024. If you’re attending too, we thought we’d share a few insights into how it all started. Use…
Category: Netcraft
April 2024 Web Server Survey
In the April 2024 survey we received responses from 1,092,963,063 sites across 267,934,761 domains and 12,872,291 web-facing computers. This reflects a gain of 2.8 million sites, a loss of 3.9 million domains, and a gain of 244,716 web-facing computers. OpenResty…
Autodesk hosting PDF files used in Microsoft phishing attacks
Autodesk is hosting malicious PDF files that lead phishing attack victims to have their Microsoft login credentials stolen. The elaborate phishing campaign behind these attacks is much more convincing than normal, as it uses compromised email accounts to find and…
The AI Gold Rush: ChatGPT and OpenAI targeted in AI-themed investment scams
Investment scams and AI – a match made in heaven? Online investment scams are a big money spinner for criminals, accounting for $4.6B of losses in the US. With the explosion of interest in artificial intelligence (AI) following the…
UN? FBI? World Bank? Deepfake police chief used for compensation scam video
Advance fee fraud campaigns are using generative AI in both text and video to speed up responses, evade filters, and make scams more convincing. Large Language Models and other forms of Generative AI (GenAI) promise to make many people more…
Out of the shadows – ’darcula’ iMessage and RCS smishing attacks target USPS and global postal services
Chinese-language Phishing-as-a-Service platform ‘darcula’ targets organizations in 100+ countries with sophisticated techniques using more than 20,000 phishing domains ‘darcula’ [sic] is a new, sophisticated Phishing-as-a-Service (PhaaS) platform used on more than 20,000 phishing domains that provide cyber criminals with easy…
March 2024 Web Server Survey
In the March 2024 survey we received responses from 1,090,117,902 sites across 271,804,260 domains and 12,627,575 web-facing computers. This reflects an increase of 3.2 million sites, 662,534 domains, and 138,322 web-facing computers. OpenResty experienced the largest gain of 3.0 million…
Cloudflare loses 22% of its domains in Freenom .tk shutdown
A staggering 12.6 million domains on TLDs controlled by Freenom (.tk, .cf and .gq) have been shut down and no longer resolve, leading to a significant reduction in the number of websites hosted by Cloudflare. The disappearance of these websites…
Online investment scams: Inside a fake trading platform
Online investment scams are a global, growing, and uniquely pernicious threat. In newly released data, the Federal Trade Commission attributed more than $4.6 billion of US fraud losses in 2023 to investment scams, more than any other fraud category, and…
What Apple is afraid of — pre-DMA alternative iOS app stores are already riddled with malware
Ahead of the EU’s Digital Market Act forcing Apple’s hand to permit alternative app download options, is the amount of malware in the existing grey-market for sideloading iPhone apps a portent for things to come? Or has Apple’s approach, despite…
February 2024 Web Server Survey
In the February 2024 survey we received responses from 1,086,916,398 sites across 271,141,726 domains and 12,489,253 web-facing computers. This reflects an increase of 7.8 million sites, 694,270 domains, and 151,543 web-facing computers. OpenResty made the largest gain of 4.7 million…
Phishception – SendGrid is abused to host phishing attacks impersonating itself
Netcraft has recently observed that criminals abused SendGrid’s services to launch a phishing campaign impersonating SendGrid itself. The well-known provider, now owned by Twillio, makes sending emails at scale simple and flexible. In addition to scale, the promise of high…
PHP-less phishing kits that can run on any website
Criminals can now deploy phishing sites on any type of web server, even when commonly used server-side technologies such as PHP are not supported. Phishing kits are predominantly implemented in PHP, as this provides the server-side functionality required to store…
January 2024 Web Server Survey
In the January 2024 survey we received responses from 1,079,154,539 sites across 270,447,456 domains and 12,337,710 web-facing computers. This reflects a loss of 8.9 million sites, a gain of 1.2 million domains, and a loss of 17,900 web-facing computers. nginx…
New Year, New Scams – Health product scam campaigns abusing cheap TLDs
In recent months, we’ve noticed an increased number of high-volume health product campaigns that exploit cheap top-level domains (TLDs), reaching up to 60% of a TLD’s daily domain registrations. This blog looks at current trends around health product scams and…
“Quishing” you a Happy Holiday Season
QR Code phishing scams — What they are and how to avoid them. Originally invented to keep track of car parts in the early 90s, QR codes have been around for decades. After gaining broader acceptance during the COVID-19 pandemic,…
December 2023 Web Server Survey
In the December 2023 survey we received responses from 1,088,057,023 sites across 269,268,434 domains and 12,355,610 web-facing computers. This reflects a loss of 4.1 million sites, an increase of 238,593 domains, and a loss of 128,028 web-facing computers. nginx experienced…
It’s not cricket! Sri Lanka and Bangladesh co-host phishing attack
Sri Lanka and Bangladesh have a successful history of co-hosting the Cricket World Cup, but today the two countries’ governments have found themselves on a sticky wicket by co-hosting a phishing attack that targets UK banking customers. Victims lured to…
.zip TLD: six months on, and still rollin’
It has been six months since Netcraft first reported on abuse of the new .zip TLD, outlining the fraudulent activity we detected and blocked. Within weeks of its launch, Netcraft had detected many fresh .zip domain registrations designed to exploit…
November 2023 Web Server Survey
In the November 2023 survey we received responses from 1,092,141,942 sites across 269,029,841 domains and 12,483,638 web-facing computers. This reflects a loss of 1.2 million sites, a gain of 1.1 million domains, and a gain of 112,102 web-facing computers. OpenResty…
Fake Online Stores See A 135% Spike As Black Friday And Holiday Shopping Approaches
As Black Friday (and Cyber Monday) approaches, the annual online sales phenomenon shows no sign of slowing down, and neither do cybercriminals looking to take advantage of the busiest shopping days of the year. The kick-off to holiday shopping, much…
Disrupting IPFS phishing attacks
The InterPlanetary File System (IPFS) is a content-addressed peer-to-peer file sharing network from Protocol Labs being exploited by cybercriminals to host phishing sites and other malicious content. Often associated with the web 3.0 movement, it allows its users to upload,…
The rise of .ai: cyber criminals (and Anguilla) look to profit
Given the global interest in artificial intelligence (AI), it comes as no surprise that cybercriminals are looking to exploit the media hype. 2023 has seen a rapid increase in AI-themed attacks, following the release of Large Language Model (LLM)-powered chatbot…
October 2023 Web Server Survey
In the October 2023 survey we received responses from 1,093,294,946 sites across 267,962,271 domains and 12,371,536 web-facing computers. This reflects an increase of 8.3 million sites, 13.2 million domains, and 96,682 web-facing computers. The largest gains this month came from…
Donation fraud: Scammers Exploit Generosity in Gaza Conflict
Cybercriminals always seek to cash in on current affairs to lend credibility to their attacks, and the conflict in Gaza is no exception. Netcraft has detected over $1.6M in cryptocurrency being transferred to accounts associated with this fraud. In donation…
Uncloaking Fake Search Ads
Search engine ads are not always as they seem. Cybercriminals can take advantage of the ability to precisely target potential victims, tricking them into clicking malicious links prominently displayed before the intended legitimate destination. This blog post takes a detailed…
September 2023 Web Server Survey
In the September 2023 survey we received responses from 1,085,035,470 sites across 254,776,456 domains and 12,274,854 web-facing computers. This reflects a loss of 8.7 million sites and 682,961 domains, but a gain of 112,383 web-facing computers. OpenResty saw a large…
September 2023 Web Server Survey
In the September 2023 survey we received responses from 1,085,035,470 sites across 254,776,456 domains and 12,274,854 web-facing computers. This reflects a loss of 8.7 million sites and 682,961 domains, but a gain of 112,383 web-facing computers. OpenResty saw a large…
Phone scams conducted using PayPal’s own invoicing service
Phishing attacks often start with an email or text message that links to a malicious web site designed to steal sensitive information. However, some instead direct recipients to call a phone number. Despite claiming to belong to a legitimate organization these…
Netcraft Acquires FraudWatch to Cement Leadership in Cybercrime Detection & Takedown; Delivers Online Brand Protection at Scale Supported by 24/7 Security Operations Center
Netcraft, global leader in cybercrime detection, disruption, and takedowns, announced today the acquisition of FraudWatch, a leading Australian online brand protection provider focused on phishing, social media, brand infringement, and fake mobile apps. This article has been indexed from Netcraft…
August 2023 Web Server Survey
In the August 2023 survey we received responses from 1,093,748,332 sites across 255,459,417 domains and 12,162,471 web-facing computers. This reflects a loss of 7.5 million sites and 259,924 domains, and a gain of 36,515 web-facing computers. OpenResty had the largest…
Impact of Freenom halting registrations on cybercrime
Freenom, which offers free domain names in .tk and several other ccTLDs, is being sued by Meta for ignoring abuse complaints. Freenom subsequently paused new domain registrations in March 2023. This article has been indexed from Netcraft Read the original…
July 2023 Web Server Survey
In the July 2023 survey we received responses from 1,101,218,364 sites across 255,719,341 domains and 12,125,956 web-facing computers. This reflects a loss of 5.5 million sites, but a gain of 231,918 domains and 19,453 web-facing computers. Google saw the largest…
Netcraft Secures First Funding with Over $100M from Spectrum Equity; Names Experienced Technology Executive Ryan Woodley as New CEO
Netcraft, the global leader in cybercrime detection, disruption, and takedowns announced today that the company has raised over $100M from Spectrum Equity. This article has been indexed from Netcraft Read the original article: Netcraft Secures First Funding with Over $100M…
June 2023 Web Server Survey
In the June 2023 survey we received responses from 1,106,671,903 sites across 255,487,423 domains and 12,106,503 web-facing computers. This reflects a loss of 2.7 million … Read More This article has been indexed from Netcraft Read the original article: June…
Case Study: Global bank with >$1 trillion in assets under management
How a global bank uses Netcraft’s detection and disruption services to perform takedowns on thousands of phishing attacks each year with a 100% success rate. … Read More This article has been indexed from Netcraft Read the original article: Case…