There are numerous sites on the Internet where aspiring cybercriminals can download free phishing kits. Despite it being relatively well known that most kits have backdoors in them that cause stolen information to be sent to the kit authors, they’re still used quite frequently.
Interestingly, one such free phish kit distribution site added flag counter which shows exactly where site visitors are coming from. By a huge margin, the number one source is Morocco.
The Notorious Mr. Brain and crew hail from this region of the world and seem to have adopted phishing as a full-time hobby. After rock phish, these folks are responsible directly or indirectly for most of the phishing out there.
After Morocco, Nigeria is next on the list. Nigeria is not just responsible for advance fee fraud (aka 419 scams), but these a lot of phishers hail from West Africa as well.
Rounding out the top 10:
- United States
- United Kingdom
- Unknown – Satellite Provider (probably West Africa)