The .NU internet domain associated with Niue has performed well in an independent global survey of the internet-based crime known as ‘phishing’.
Phishing involves fraudsters sending spam emails that look like they come from real organisations like banks or on-line traders. These encourage internet users to go to bogus websites where they are asked to divulge their passwords, and financial or personal information.
During the second half of 2010 (2H 2010) there were 2.5 phishing attacks for every 10,000 .NU domains and the sites involved stayed up for an average of 30 hours before they were discovered and shut down by the domain registrar.
This compares to an international average of 7.8 attacks for every 10,000 domains and an average up-time of 73 hours, according to a report by the Anti-Phishing Working Group (APWG), a pan-industry law enforcement association.
Per Darnell, president of The IUSN Foundation which is trustee of the .NU domain, says the domain is internationally recognised as being well managed and was a pioneer in the development of systems to shut down domains used for phishing. This happens within 20 minutes of staff being given an alert.
“Our performance is at least as good as New Zealand’s .nz domain and very much better than some other domains associated with the South Pacific. An association with phishing is damaging for the reputations of the countries involved.”
Tokelau had 6.3 attacks per 10,000 domains and a 77 hour attack uptime; Samoa 2.1 and 123; Timor-Leste 116.9 and 104; and Tonga 151 and 100.
Mr Darnell says about a third of all domains used for phishing are registered by the phishers. Most of the rest are hacked by the phishers without the knowledge of the site operators.
“The .NU domain registration system is very robust. No phishers managed to register a .NU domain during the survey period,” he says.
“However, until the phishers strike, it is very hard to determine that a domain has been hacked, so the main measure of success is how quickly we detect them and shut them down. Our 30 hour average is very good by world standards, but we aim to do better – the quicker the criminals are shut down, the less damage they can do.”
Phishing has cost banks and individuals billions of dollars in the last decade, with a peak being reached in the second half of 2009, when the Avalanche criminal gang accounted for two-thirds of all phishing attacks worldwide. This gang is still active but, rather than phishing, it is now using malware such as Zeus to defraud internet users.
In 2H 2010 there were more than 67,000 phishing attacks worldwide. Eighty-nine per cent of malicious domain registrations were made in four top-level domains (TLDs): .COM, .TK (Tokelau), .NET, and .INFO. Sixty per cent of attacks came from just four TLDs: .COM, .CC, .NET, and .ORG. Two free services were heavily abused by phishers in order to create phishing sites: the .TK domain registration service and the CO.CC (Korea-based) subdomain service.
Mr Darnell says it is not always easy for a typical internet user to tell whether an email or website is legitimate, though bad English and misspellings are sometimes associated with phishing sites and emails.
He advises Internet Niue customers to protect themselves from phishers by following three simple rules:
- Never, ever, give your financially important passwords to anyone, even if they appear to be from the bank
- Always log in to financially important websites by typing in the web address, not by clicking on links in emails
- Always keep your anti-virus/anti-malware up to date