The APWG is a tax-exempted corporation to coordinate a coalition of members from around the world to have a unified response to cybercrime across different sectors. The organization offers public education programs, eCrime research, and the Stop. Think. Connect. campaign to improve public awareness of online security concerns. They are online at www.apwg.org and www.antiphishing.org.
Recently, the company released their Global Phishing Survey: Domain Name Use and Trends in the second half of 2012 report.
The report (.pdf) slices and dices the data a few different ways. It includes basic statistics, shared hosting hacking, phishing by uptime, phishing by top-level domain, use of subdomains, use of internationalized domains, use of URL shorteners, registrars of malicious domain registrations, and compromised domains vs malicious registrations.
The numbers presented, like 123,486 unique phishing attacks worldwide in 2H 2012, are hard to swallow even though it is presented in such a way that is easy to digest. The survey is 30 pages long and is worth the time to read in order to gain an understanding of what phishers are leveraging to succeed with their attacks and what the phishing numbers look like once visualized. For example, GoDaddy is the registrar with the most malicious domain names used in phishing attempts for this time period but has one of the lowest ratios between phishing URLs to legitimate URLs registered.