Phishing scams also expanded and diversified their list of targets in 2006. A total of 942 institutions were targeted in 2006, including banks and credit unions of all sizes, online payment gateways, e-commerce retailers, sopcial networking sites, ISPs, online games and govenment agencies.

Phishing is a truly international phenomenon, as demonstrated by our scoreboard of the phishiest countries. A large volume of phishing sites continue to be hosted in South Korea, China and Romania, while countries in Eastern Europe have also proven to be fertile ground for phishing scams. This is illustrated by Armenia, which with 3,267 phishing URLs has more than three times as many phishing attacks as web sites (947).

The Netcraft Toolbar Community is a digital neighborhood watch scheme, in which the most alert and expert members act to defend the larger community of users against phishing frauds. Once the first recipients of a phishing mail have reported the target URL, it is blocked for toolbar users who subsequently access the URL. Widely disseminated attacks (people constructing phishing attacks send literally millions of electronic mails in the expectation that some will reach customers of the bank) simply mean that the phishing attack will be reported and blocked sooner.

The Phishing Site Feed is also available to ISPs and Enterprises who wish to protect their customers or employees against phishing. Netcraft also offers services to detect open redirects on corproate web sites to prevent abuse, and fraud detection and phishing site countermeasure services.