Interisle has published its Phishing Landscape 2024 report. It is based on the analysis of 1.9 million phishing attacks for the period from May 2023 to April 2024. Domain Name Wire, publishing this news, draws attention to the fact that the time period in this case is very important. The fact is that in the spring of 2023, the infamous Freenom practically stopped registering new names. It provided domain names in the domain zones it managed (for example, .TK) completely free of charge, which, of course, cybercriminals willingly took advantage of. But already in May 2023, the organizers of phishing attacks had to reorient themselves to other general top-level domains, which significantly affected the statistics.
The number of domain names associated with phishing attacks has increased sharply in new generic top-level domains. If in the previous Interisle report the share of new domains was 25%, then in the current one it is already 42%. This is explained primarily by the fact that the registries of many new domains are trying to attract users with low registration costs. Of the 35 domain zones with the highest phishing rating (the ratio of the total number of registrations in the domain to the number of names in it associated with phishing attacks), you can register a domain for less than $5 in 32. In 27 domains - less than $2, and in 10 - even less than $1.
The largest number of phishing domain names, as usual, falls on .COM. But this is explained solely by the fact that it is far ahead of all other domain zones in the number of registrations. In terms of phishing ratings, .COM is doing very well. The worst domains in terms of the ratio of total registrations to the number of domains associated with phishing activity were .LOL, .BOND, ,SUPPORT, .TOP and .SBS. In terms of registrar companies, the worst is Hong Kong's NiceNIC. Of the approximately 100,000 names registered through it in various generic top-level domains, 45,000 were involved in phishing activity.