Video | Business Headlines | Internet | Science | Scientific Ethics | Technology | Search


Niue phishers out of luck

5 May 2011

Niue phishers out of luck

The .NU internet domain associated with Niue has performed well in an independent global survey of the internet-based crime known as ‘phishing’.

Phishing involves fraudsters sending spam emails that look like they come from real organisations like banks or on-line traders. These encourage internet users to go to bogus websites where they are asked to divulge their passwords, and financial or personal information.

During the second half of 2010 (2H 2010) there were 2.5 phishing attacks for every 10,000 .NU domains and the sites involved stayed up for an average of 30 hours before they were discovered and shut down by the domain registrar.

This compares to an international average of 7.8 attacks for every 10,000 domains and an average up-time of 73 hours, according to a report by the Anti-Phishing Working Group (APWG), a pan-industry law enforcement association.

Per Darnell, president of The IUSN Foundation which is trustee of the .NU domain, says the domain is internationally recognised as being well managed and was a pioneer in the development of systems to shut down domains used for phishing. This happens within 20 minutes of .NU domain staff being given an alert.

“Our performance is as least as good as New Zealand’s .NZ domain and very much better than some other domains associated with the South Pacific. An association with phishing damages the reputations of the countries involved.”

Tokelau had 6.3 attacks per 10,000 domains and a 77 hour attack uptime; Samoa 2.1 and 123; Timor-Leste 116.9 and 104; and Tonga 151 and 100.

Mr Darnell says about a third of all domains used for phishing world-wide are registered by the phishers. Most of the rest are hacked by the phishers without the knowledge of the site operators.

“The .NU domain registration system is very robust. No phishers managed to register a .NU domain during the survey period,” he says.

“However, it is very hard to detect domains that have been hacked until the phishers strike, so the main measure of success is how quickly we detect them and shut them down. Our 30 hour average is very good by world standards, but we aim to do better – the quicker the criminals are shut down, the less damage they can do.”

Phishing has cost banks and individuals billions of dollars in the last decade, with a peak being reached in the second half of 2009, when the Avalanche criminal gang accounted for two-thirds of all phishing attacks worldwide. This gang is still active but, rather than phishing, it is now using malware such as Zeus to defraud internet users.

In 2H 2010 there were more than 67,000 phishing attacks worldwide. Eighty nine per cent of malicious domain registrations were made in four top level domains (TLDs): COM, .TK , .NET, and .INFO. Sixty per cent of attacks came from just four TLDs: .COM, .CC, .NET, and .ORG. Two free services were heavily abused by phishers in order to create phishing sites: the .TK (Tokelau) domain registration service and the CO.CC (Korea-based) subdomain service.

Mr Darnell says it is not always easy for a typical internet user to tell whether an email or website is legitimate, though bad English and misspellings are sometimes associated with phishing sites and emails.

He advises internet users to protect themselves from phishers by following three simple rules:
• Never, ever, give your financially important passwords to anyone, even if they appear to be from the bank
• Always login to financially important websites by typing in the web address, not by clicking on links in emails
• Always keep your anti-virus/anti-malware up to date
Background note

The IUSN Foundation is the trustee for the .NU internet domain. It funds free internet services, infrastructure development and education and training for the people of Niue.

81 characters

No luck phishing in Niue. NU domain shines in #APWG rpt

APWG report:


© Scoop Media

Business Headlines | Sci-Tech Headlines


Reserve Bank: RBNZ To Implement $30bn Large Scale Asset Purchase Programme Of NZ Govt Bonds

The Monetary Policy Committee (MPC) has decided to implement a Large Scale Asset Purchase programme (LSAP) of New Zealand government bonds. The negative economic implications of the coronavirus outbreak have continued to intensify. The Committee ... More>>


Elevate NZ: Venture Fund To Lift Productivity

The Government’s new $300 million venture capital fund - announced in last year’s Budget – is now open for business as the Elevate NZ Venture Fund. Finance Minister Grant Robertson says lifting New Zealand's productivity requires well-functioning ... More>>


COVID-19: Case Confirmed In NZ – Expert Reaction

After spreading across the globe for months, the first case of COVID-19 has been reported in New Zealand. The Ministry of Health says the risk of a community outbreak is low, due to their preparedness and the high awareness of the disease. The Science ... More>>


Agriculture: New Legislation To Boost Organics

New organics legislation will boost consumer confidence and help grow an innovative sector, says Food Safety Minister Damien O’Connor. “The Organics Product Bill, introduced to Parliament this week, aims to increase consumer confidence when purchasing ... More>>


Biodiversity Policy: Misinformation Circulating

Forest & Bird is concerned at misinformation circulating regarding a policy statement aimed at protecting New Zealand’s unique biodiversity. The National Policy Statement for Indigenous Biodiversity is being consulted on by the ... More>>