Canadian Internet users beware: according to research from global security vendor Websense, our home and native land is now the number two country in the world to host phishing sites.
Research conducted by Websense between January and May of this year found that Canada climbed up to second, up from 13th last year, on the list of countries hosting malicious content. The number one spot went to the U.S., with Egypt coming in third, Germany in fourth, the U.K. in fifth, the Netherlands in sixth, Russia in seventh, South Korea in eighth, France in ninth and Brazil in 10th.
Patrick Runald, senior manager for security research at Websense, said with respect to the top 10 countries to host phishing sites around the world, Canada is the only country “that’s really made any type of movement on the list,” he said.
“We’ve seen a huge jump in the number of phishing Web sites hosted in Canada,” Runald said. “The increase is 319 per cent compared to what it was last year. The other thing we’ve seen is a 53 per cent increase in bot networks being hosted on Canadian servers.”
Why is this happening and why are the increases so high? Runald said that while it’s hard to prove, he has some hunches as to what’s causing this to happen.
“Generally speaking, we’ve seen a change overall in the location of where malicious code is being hosted,” he said. “In the past, malicious content has traditionally been hosted on servers in places like Europe. But now we’re seeing the bad guys shift their infrastructures to sites that are hosted in countries that traditionally have had better reputations.”
Runald said that with this in mind, it’s possible that cyber criminals will make it a point to compromise servers in Canada now.
Fiaaz Walji, the Canadian country manager at Websense, said that while all of this is going on, from a business and consumer perspective, a lot of people don’t actually know their machines are being compromised.
He advises Internet users to “go back to fundamentals and make sure security software updates are taking place. Be diligent, cautious and educated about this. If it’s too good to be true, it probably is and don’t click on things you’re not sure of.”
On the partner-side of things, Walji said the channel must educate their customers on what security technologies are available that can help them mitigate risk across e-mail, Web and data loss prevention channels.
“Technology shouldn’t be a one point solution,” Walji said. “Partners need to educate customers on a strategy that addresses e-mail, Web and data. You don’t need to spend millions (of dollars) on technology to get this type of service, so I’d urge partners to see what’s out there to help address customer issues when it comes to security.”