Nearly 40 percent of web hosts were repeat victims of phishing attacks that resulted in the placing of malware on their server platforms, according to a new report by the Internet Policy Committee of the Anti-Phishing Working Group.
Thirty-seven percent of respondents said their websites had phishing or spoof sites planted on their web servers two or more times before, a number that reflects the persistence of phishers and the difficulties of fighting them, APWG said.
The most frequently attacked operating system among survey respondents was Linux OS, with 76 percent. Attack victims reported they used Apache as their web server in 81 percent of the responses, MySQL as their database application in 81 percent of the responses, and PHP/Java as their application platform in 82 percent of responses.
Only 7 percent of victims reported the compromised website was used for e-merchant purposes. Seventeen percent said customer data were stored on the compromised hosts, while only 4 percent cited theft of customer data.
Eighty-four percent of the victims reported attackers uploaded phishing or spoof web pages and scripts onto sites for use during their phishing attempt. Additionally, 24 percent of victims said attackers installed malicious software on their sites.
Detecting the compromises, only one in five victims said the attacks were discovered by their own staff; 52 percent were informed of the attack by third-party security companies.