On the Afilias blog there was a post by Ram Mohan on extensions and phishing attacks. He took a look at research published by the Anti-Phishing Working Group (APWG).
Key Findings
1. Apple became the world’s most-phished brand in 2014
2. The introduction of new top-level domains did not have an immediate major impact on phishing
3. Chinese phishers were responsible for 85% of the domain names registered for phishing
4. Malicious domains and subdomain registrations continue at historically high levels, largely driven by Chinese phishers
5. The average uptimes of phishing attacks remain at historic lows, pointing to some success by anti-phishing responders
6. The companies and brands targeted for phishing were diverse, with many new targets, suggesting that e-criminals are looking for new opportunities in new places
7. Mass hackings of vulnerable shared-hosting providers accounted for 20% of all phishing attacks
The first day of a phishing attack is the most lucrative for the phisher, so quick takedowns are critical. Large, generic top-level domains are usually big targets for phishers, because these TLDs are the most familiar to the average Internet user. Among these domains, .INFO (owned and operated by Afilias), .ORG (owned by PIR and operated with Afilias technology), and .BIZ (operated by Neustar) have formal notification and takedown programs in place, according to the APWG report.
Read the full post on the Afilias blog