5 May 2011
Niue phishers out of luck
The .NU internet domain associated with Niue has performed well in an independent global survey of the internet-based
crime known as ‘phishing’.
Phishing involves fraudsters sending spam emails that look like they come from real organisations like banks or on-line
traders. These encourage internet users to go to bogus websites where they are asked to divulge their passwords, and
financial or personal information.
During the second half of 2010 (2H 2010) there were 2.5 phishing attacks for every 10,000 .NU domains and the sites
involved stayed up for an average of 30 hours before they were discovered and shut down by the domain registrar.
This compares to an international average of 7.8 attacks for every 10,000 domains and an average up-time of 73 hours,
according to a report by the Anti-Phishing Working Group (APWG), a pan-industry law enforcement association.
Per Darnell, president of The IUSN Foundation, which is trustee of the .NU domain, says the domain is internationally
recognised as being well managed and was a pioneer in the development of systems to shut down domains used for phishing.
This happens within 20 minutes of .NU domain staff being given an alert.
“Our performance is at least as good as New Zealand’s .NZ domain and very much better than some other domains associated
with the South Pacific. An association with phishing damages the reputations of the countries involved.”
Tokelau had 6.3 attacks per 10,000 domains and a 77 hour attack uptime; Samoa 2.1 and 123; Timor-Leste 116.9 and 104;
and Tonga 151 and 100.
Mr Darnell says about a third of all domains used for phishing world-wide are registered by the phishers. Most of the
rest are hacked by the phishers without the knowledge of the site operators.
“The .NU domain registration system is very robust. No phishers managed to register a .NU domain during the survey
period,” he says.
“However, it is very hard to detect domains that have been hacked until the phishers strike, so the main measure of
success is how quickly we detect them and shut them down. Our 30 hour average is very good by world standards, but we
aim to do better – the quicker the criminals are shut down, the less damage they can do.”
Phishing has cost banks and individuals billions of dollars in the last decade, with a peak being reached in the second
half of 2009, when the Avalanche criminal gang accounted for two-thirds of all phishing attacks worldwide. This gang is
still active but, rather than phishing, it is now using malware such as Zeus to defraud internet users.
In 2H 2010 there were more than 67,000 phishing attacks worldwide. Eighty-nine per cent of malicious domain
registrations were made in four top level domains (TLDs): .COM, .TK, .NET, and .INFO. Sixty per cent of attacks came
from just four TLDs: .COM, .CC, .NET, and .ORG. Two free services were heavily abused by phishers in order to create
phishing sites: the .TK (Tokelau) domain registration service and the CO.CC (Korea-based) subdomain service.
Mr Darnell says it is not always easy for a typical internet user to tell whether an email or website is legitimate,
though bad English and misspellings are sometimes associated with phishing sites and emails.
He advises internet users to protect themselves from phishers by following three simple rules:
• Never, ever, give your financially important passwords to anyone, even if they appear to be from the bank
• Always login to financially important websites by typing in the web address, not by clicking on links in emails
• Always keep your anti-virus/anti-malware up to date
The IUSN Foundation is the trustee for the .NU internet domain. It funds free internet services, infrastructure
development and education and training for the people of Niue.