Netcraft: 5,600 Phishing Sites Since December

← Back to Stories (view on slashdot.org)

Netcraft: 5,600 Phishing Sites Since December

Posted by timothy on Monday May 2, 2005 @06:14AM from the not-good-news dept.

miller60 writes "Netcraft has tracked and blocked 5,600 known phishing sites since the December launch of its anti-phishing toolbar, which it has now updated with a risk rating feature that warns users about new sites with phishy characteristics, based on trends observed in known phishing scams. It has also started a service that makes the full list available of phishing sites as a continuously updated feed for service providers and companies to use in mail servers and web proxies." One bad sign: the phishing attacks I see are getting (on average) more professional in their phrasing -- it used to be easy to toss out the trawlers based on their spelling alone.

8 of 181 comments (clear)

Min score:

Reason:

Sort:

Re:Live Bait by Anonymous Coward · 2005-05-02 06:26 · Score: 1, Informative

The PTO doesn't enfore antything. It only grants or revokes. Enforcements take place at courts and usually only after charge by the patent/trademark holder.
Re:FP - Help by ArsenneLupin · 2005-05-02 06:27 · Score: 1, Informative

Can anyone help me? I have an account with amazing karma, that I plan to retire after the next three posts. I thought that I would perform karma suicide with it but,
From the contents of your post, you seem to be doing quite well, but ...

I can't figure out an effective way to do it in only three posts.

Yes, indeed, I think you haven't figured out one very important small detail...

What would you do?

Hmmm, ..., maybe log in?

Can anyone help me?

You're welcome!
Re:firefox toolbar? by Rude+Turnip · 2005-05-02 06:30 · Score: 3, Informative

Firefox one-ups this already by doing 2 things:

1. Encrypted URLS turn the address bar to a gold color to remind you that you're on an encrypted site. And, more importantly,

2. In the lower right hand corner of the screen, Firefox tells you the name of the site to which the digital signature certificate is assigned.

--
Bill Clinton: Pimp we can believe in. - The Shirt!!!
Re:Submit a new site, get a gift? by doofusclam · 2005-05-02 06:31 · Score: 5, Informative

Anybody know what is this "reward" they mail you? I'm curious.

Well according to this: http://news.earthweb.com/security/article.php/3454 601:

If a person is the first to submit a link to a new phishing site, the user receives a free prize, such as a coffee mug. Miller said other offerings are in the works as well. An e-mail appears in users' inboxes asking them to return a postal address for the prize, which takes 28 days to deliver.
Re:Phishers Getting Good by Spy+der+Mann · 2005-05-02 06:42 · Score: 2, Informative

but man, someone spent a lot of time thinking it up.

Hint: Enable "full headers" on your e-mail. That way you won't spend a second before hitting the delete button.
ebay spoofs by jangobongo · 2005-05-02 07:16 · Score: 2, Informative
I got that ebay spoof, too, a while ago. That kinda scared me until I contacted ebay and they confirmed that, indeed, it was a spoof.

I got a newer one just a short while ago that said:
- Subject:*** Your eBay Bid was Cancelled ***
- Dear eBay Community Member,
  
  The bid that you entered for the item ( 5569407583[original link removed] ) has been cancelled. You can view the reason provided for the cancellation by selecting the link bellow[sic].
  
  http://cgi.ebay.com/ws/eBayISAPI.dll?Item=55694075 83&BidCancelled=1 [original link removed]
  
  Regards,
  eBay
Now, if I had bid on anything at ebay within the last year, I might have panicked and started clicking on links without stopping to think about it. Fortunately, I knew I hadn't bid on anything, so I (as I've learned to do) hovered my cursor over the links and saw that they went to www.kminsectcontrol.com (insect control? interesting).

I just forwarded it to spoof@ebay.com which, sadly, I have in my address book because I have forwarded several suspicious emails to them. They always get back to me quickly and confirm that, yes, it was a spoof and to ignore it. Then they investigate the forwarded email take any actions they can against whoever sent it.

And every ebayer should have this page bookmarked: http://pages.ebay.com/help/policies/id-account-the ft-spoof.html

I agree, the phishers are getting better. Phishers like these try to trigger a knee-jerk emotional response and I bet it works way too often.
--

Sig cancelled due to lack of interest
Re:The biggest problem... by hazzey · 2005-05-02 07:16 · Score: 2, Informative

I don't know how well it works, but there is always: spam@uce.gov It is the FTC's official phishing reporting address. http://www.usdoj.gov/spam.htm
It IS easy to report eBay scams by Anonymous Coward · 2005-05-02 07:27 · Score: 1, Informative

Forward the message (with all headers -- I do this by forwarding as attachment in Thunderbird) to spoof@ebay.com. An automated service checks whether the email came from ebay. They claim to report phished emails to the proper authorities -- it's in their best interest if they do, although I don't know for sure what they do with the email. Still, forwarding an email is pretty darn easy. What have you got to lose?