The APWG also cited 1,142 different web sites used in the October attacks, twice September's total of 584. That sharp rise in attacking sites suggests that phishing operations may be automating the deployment of attacks via hacked web servers.
"Starting on the afternoon of October 5, 2004, we started seeing a massive increase in the amount of phishing sites," the group reports. "It appears as though some sort of toolkit is available and/or a set of tools that are being used to produce similar exploits. The sudden large spike may, however, indicates that some automation may be involved."
The APWG has made some changes in its reporting since its last report in July, discontinuing public reporting about the most frequently attacked targets, and shifting its focus from the number of e-mail scams to the sites hosting them.
The APWG said that while the U.S. still has the largest share of phishing sites (29%), the recent surge in attacks has occurred almost entirely on non-American servers.