Greybeard cybersec guy who values ethics, trust, friendship, teamwork. I'm a partner at Interisle Consulting Group, board member at CAUCE and APWG, and was named to the team of experts at the Geneva Centre for Security Policy.
I'm keenly interested in measuring cybercrimes and the resources criminals use to perpetrate them and currently scratching this itch at the Cybercrime Information Center.
I'm a Golden Retriever lover and fantasy novel devotee. I love to cook: Italian, French, Chinese, Thai, Mediterranean and Low Country are staples. Married to the finest and loveliest person I've ever known.
| Web | https://securityskeptic.typepad.com |
| Twitter: Cybercrime Information Center | https://twitter.com/cybercrimestats |
| Cybercrime Information Center | https://cybercrimeinfocenter.org |
| Twitter: Securityskeptic | https://twitter.com/securityskeptic |
Phishing in the 2020s: What Can be Done to Reduce Phishing Attacks?
In this post we’ll look at what users can do to avoid becoming victims of phishing and, importantly, what domain name, subdomain, and hosting providers need to be doing to prevent criminals from using their services for malicious activities.
https://interisle.substack.com/p/phishing-in-the-2020s-what-can-be
You'll find more detailed recommendations in our Phishing Landscape Study
Phishing in the 2020s: Where in the World Are Phishing Pages Hosted?
In this post, we look at the top countries where phishing pages have been hosted. Teaser: Of the thirty-two countries that have appeared in the top twenty over a 5-year period, ten have appeared every year.
https://interisle.substack.com/p/phishing-in-the-2020s-where-in-the
#phishing #hosting #cybercrime #ASN
subscribe: https://interisle.substack.com/subscribe
Phishing in the 2020s: Hosting Networks
In previous posts we looked at top-level domains and domain registrars that phishers most exploited over the past 5 years. In this post, we look at the hosting networks (ASNs) with the highest numbers of phishing attacks reported.
https://interisle.substack.com/p/phishing-in-the-2020s-hosting-networks
#phishing #ASN #hosting #cybercrime #dnsabuse #cybersecurity
If you like what you've been reading, subscribe.
Case study: How a single spam campaign affects service provider reputation
Matt Piscitello takes a close look at a spam campaign involving bulk registrations during the month of August 2025. He explains how #Interisle establishes evidence of bulk registration behavior, identifies what operators were affected, and discusses aspects of reputational harm resulting from the campaign.
https://interisle.substack.com/p/case-study-how-a-single-spam-campaign
#spam #bulkregistrations #dnsabuse #reputation #cybercrime #interisle
Cybercrime Activity Reported in August 2025
Interisle's monthly look at cybercrime activity during August 2025 is now posted. We point out anything that strikes us as particularly interesting in overall numbers as well as significant changes in ranking for Top Level Domains (TLDs), Registrars, and Hosting Networks.
https://interisle.substack.com/p/cybercrime-reported-in-august-2025
Phishing Landscape 2025 Report Released
Phishing Rises to New High of Nearly 2 Million Attacks over 12 Months According to New Interisle Report
Key report findings include:
Phishing attacks rose to 1.96 million a year, a 182% increase since 2021.
Domain Name Abuse Surges to New High: The total number of domain names used in phishing attacks rose 38% to over 1.5 million—the highest ever recorded.
Cybercriminal Domain Purchasing Soars: 77% of all domain names used in phishing attacks were maliciously registered by cybercriminals.
Bulk Registration Enables More Attacks: 37% of all phishing domains were acquired through bulk domain name registration services.
Over half of all phishing sites were hosted by U.S.-based companies. The U.S. has been the top hosting location for phishing for five consecutive years.
The report also examines how domain registration requirements and pricing affect phishing scores in gTLDs and ccTLDs.
https://interisle.substack.com/p/phishing-landscape-2025-report-released
Phishing Trends: May - July 2025
Results for Phishing activity for the period May 1– July 31, 2025, are now available at the Cybercrime Information Center.
Phishing activity modestly declined in in early 2025, but it returned with vengeance in the spring and early summer:
- Phishing activity more than doubled to a staggering 1.3M attacks.
- Domains reported for phishing activity nearly doubled to just over 1M.
- Malicious domain registrations increased by 81%.
We take a long, hard look at ICANN's problem child... Dominet (HK).
https://interisle.substack.com/p/phishing-trends-may-july-2025
Phishing in the 2020s: Bulk Registrations
This post continues the series that looks at aspects of phishing over the past five years.
A previous post examined malicious registration of domain names expressly for the purpose of phishing. In this post, we look at a subset of malicious domain name registratios: those domain names that were registered rapidly and in large numbers - in bulk - by phishers.
https://interisle.substack.com/p/phishing-in-the-2020s-bulk-registrations
Phishing in the 2020s: Phishing Across the Global Name Space
For our phishing landscape reports, we study where phishers go to acquire domain names for their attacks. Today's segment of our Phishing in the 2020s series examines the global domain name space to see whether phishers have preferentially exploited popularly recognized categories of Top-level domains (TLDs) each study period.
https://interisle.substack.com/p/phishing-in-the-2020s-phishing-across
Interisle Consulting Group has annually published landscape studies on the scope and distribution of phishing. We’ve used the same data sources so that our analyses would be longitudinally consistent. Today, we begin a new series by looking at phishing attacks and how phishers acquired name resources since May 2020.
#phishing #cyberrime #fraud #domainabuse #dnsabuse #cyberattack
https://open.substack.com/pub/interisle/p/phishing-in-the-2020s-intro
