Top Ten Website Filtering & Phishing Stats of 2010

Top Ten Website Filtering & Phishing Stats of 2010

Web Content Filtering

Content may be filtered by category or by blocking specific websites via blacklisting or by allowing specific websites via whitelisting.

Top Ten Blocked Categories

Not surprisingly, the top ten most blocked categories are focused on providing a safer Internet experience for students and children, and a more work-appropriate environment for businesses. Percentages indicate the proportion of networks using category blocking that reference a given category.

  1. Pornography β€” 85%
  2. Sexuality β€” 80.1%
  3. x

  4. Tasteless β€” 77.3%
  5. Proxy/Anonymizer* β€” 76.2%
  6. Adware β€” 69%
  7. Nudity β€” 67.2%
  8. Hate/Discrimination β€” 58.7%
  9. Lingerie/Bikini β€” 58.5%
  10. Gambling β€” 58%
  11. Drugs β€” 57.3%

* Websites that allow users to hide their identity or circumvent the Web content filtering set up on their networks.

Top Ten Blacklisted Websites

Blacklists are typically used when there is no desire to block an entire category in principle, but there is a focusΒ on preventing traffic to specific websites based on a combination of their popularity and content. This top ten listΒ suggests a concern with the use of bandwidth by streaming sites and with privacy concerns from advertising networks.Β Percentages indicate the proportion of networks using blacklisting that reference a given site.


  1. β€”14.2%
  2. β€” 9.9%
  3. β€” 8.1%
  4. β€” 6.4%
  5. β€” 2.3%
  6. β€” 1.9%
  7. β€”1.4%
  8. β€” 1.3%
  9. β€”1.2%
  10. β€” 1.2%

Top Ten Whitelisted Websites

Whitelists are typically used when there is a desire to block entire categories, but access to selected websites is granted on an exception basis. These sites represent the most trusted sites in their category. The fact that many of the same sites that appear on the Top Ten Blacklisted Websites list appear on the list below may indicate the diverse perspectives people have regarding many of these sites. Percentages indicate the proportion of networks using whitelisting that reference a given site.


  1. β€” 12.7%
  2. β€” 12.6%
  3. β€” 9.2%
  4. β€” 9%
  5. β€” 6.3%
  6. β€” 6%
  7. β€” 4.7%
  8. β€” 4.6%
  9. β€” 4.3%
  10. β€” 3.9%

Filtering by Business Users

Businesses have specific goals in mind when blocking websites. They need to ensure compliance with HR policies, while also increasing worker productivity by preventing what they consider to be employee cyberslacking. This list shows that businesses are concerned with singling out popular sites considered to be of little value in a work setting, especially if they consume a lot of bandwidth. Percentages indicate proportion of business networks using blacklisting feature that reference a given site.


  1. β€” 23%
  2. β€” 13%
  3. β€” 11.9%
  4. β€” 5.7%
  5. β€” 4.2%
  6. β€” 2.1%
  7. β€” 2.1%
  8. β€” 1.8%
  9. β€” 1.6%
  10. β€” 1.6%


Top Targets of Phishing Websites in 2010

The most frequently spoofed website in every month of 2010 was PayPal. PayPal was targeted nine times more frequently than the next most frequent target, Facebook. Five of the most targeted brands β€” Facebook, World of Warcraft, Sulake Corporation, Steam and Tibia β€” are associated with online and social games. Percentages indicate the proportion of phishing sites verified in 2010 and associated with a given target.


  1. PayPal β€” 45.9%
  2. Facebook β€” 5.3%
  3. HSBC Group β€” 4.1%
  4. World of Warcraft β€” 3.2%
  5. Internal Revenue Service β€” 3%
  6. Bradesco β€” 1.9%
  7. Orkut β€” 1.7%
  8. Sulake Corporation β€” 1.5 %
  9. Steam β€” 1.2%
  10. Tibia β€” 1%

Top Countries Hosting Phishing Websites in 2010

The vast majority of phishing websites were hosted in the United States β€” more than 60,000 separate attempts came from websites hosted in the U.S. Percentages indicate the proportion of phishing sites verified in 2010 hosted in a given country.


  1. United States β€” 53.8%
  2. Germany β€” 6.3%
  3. Canada β€” 5.2%
  4. United Kingdom β€” 4.8%
  5. France β€” 3.5%
  6. Russia β€” 2.9%
  7. China β€” 2.8%
  8. South Korea β€” 2.8%
  9. Italy β€” 2.5%
  10. The Netherlands β€” 2.4%

Phishing Update

One of the reasons PayPal, Inc. is so prevalent as a target in PhishTank is because PayPal uses the PhishTank API to automatically submit any phish they find to PhishTank. This is a good thing β€” it puts data into PhishTank quickly so the community can verify the sites and PhishTank data feed subscribers can protect their users. While this highlights the frequency that PayPal is a target, it also skews the data to make it appear that PayPal is the most phished brand, simply because they are the most vigilant in submitting data to PhishTank. Obviously, this was not our intent. We are updating the report to show the most targeted brands in 2010 with the PayPal API data removed from the dataset as nearly all other submissions come from the tens of thousands of PhishTank individual contributors.


If the PayPal API-based submissions to PhishTank are removed from the dataset of phished brands, the list of most-targeted brands in 2010 shifts dramatically:

  1. Facebook β€” 8.64%
  2. HSBC Group β€” 6.73%
  3. World of Warcraft β€” 5.35%
  4. Internal Revenue β€” Service 4.87%
  5. Sulake Corporation β€” 3.21%
  6. Bradesco β€” 3.15%
  7. PayPal β€” 3.03%
  8. Orkut β€” 2.9%
  9. Steam β€” 1.95%
  10. Tibia β€” 1.72%


(Source: This list is from the OpenDNS 2010 Report on web content filtering & phishing.)