Slashdot Mirror

← Back to Stories (view on slashdot.org)

Netcraft: 5,600 Phishing Sites Since December

Posted by timothy on from the not-good-news dept.

miller60 writes "Netcraft has tracked and blocked 5,600 known phishing sites since the December launch of its anti-phishing toolbar, which it has now updated with a risk rating feature that warns users about new sites with phishy characteristics, based on trends observed in known phishing scams. It has also started a service that makes the full list available of phishing sites as a continuously updated feed for service providers and companies to use in mail servers and web proxies." One bad sign: the phishing attacks I see are getting (on average) more professional in their phrasing -- it used to be easy to toss out the trawlers based on their spelling alone.

16 of 181 comments (clear)

  1. Spelling by Anonymous Coward · · Score: 5, Funny
    the phishing attacks I see are getting (on average) more professional in their phrasing -- it used to be easy to toss out the trawlers based on their spelling alone

    One could say the same for the /. trolls.

  2. Submit a new site, get a gift? by Kozz · · Score: 5, Interesting

    Funny thing, I submitted a phishing site to Netcraft and was notified that it was a new one to their database, and what do they do?

    They ask me to reply to their email address with my full name, street address so that they can send me a "gift". I don't know what it is (haven't received it yet), but thought it ironic that they were soliciting information in a phishing-style.

    I sent them the address so they can send me a gift (t-shirt? who knows) since I knew I had contacted THEM about the particular phishing URL, and the info they requested could be gleaned by someone who wanted to find out, but found it humorous nonetheless.

    Anybody know what is this "reward" they mail you? I'm curious.

    --
    I only post comments when someone on the internet is wrong.
    1. Re:Submit a new site, get a gift? by netcrusher88 · · Score: 3, Funny

      Maybe they send you fish?

      --
      There's an old saying that says pretty much whatever you want it to.
    2. Re:Submit a new site, get a gift? by doofusclam · · Score: 5, Informative
      Anybody know what is this "reward" they mail you? I'm curious.


      Well according to this: http://news.earthweb.com/security/article.php/3454 601:

      If a person is the first to submit a link to a new phishing site, the user receives a free prize, such as a coffee mug. Miller said other offerings are in the works as well. An e-mail appears in users' inboxes asking them to return a postal address for the prize, which takes 28 days to deliver.
    3. Re:Submit a new site, get a gift? by EvilTwinSkippy · · Score: 4, Funny
      An e-mail appears in users' inboxes asking them to return a postal address for the prize, which takes 28 days to deliver.

      Or they can collect on their winnings immediately by clicking on this link, with their accound name and password to paypal ...

      --
      "Learning is not compulsory... neither is survival."
      --Dr.W.Edwards Deming
    4. Re:Submit a new site, get a gift? by aaamr · · Score: 4, Insightful

      Doesn't it make more sense to report the site to the service provider so it gets shut down?

      Last one of these I encountered (an eBay phishing scheme) was hosted on Comcast's network. To Comcast's credit, the site was inaccessible within 2 hours of my reporting it, and I got a very prompt response by email to my report.

  3. One Day by ericschoon · · Score: 3, Insightful

    The phishing community will learn to read an write in a professional manner. When that day comes, the world will end

    no wait.... only those gullables will find themselves in trouble.

    Phishing is only a problem when you aren't paying attention.

    --
    --
  4. Neat idea. by going_the_2Rpi_way · · Score: 4, Interesting

    The only problem that I see is that those people with the Netcraft toolbar are probably already in the low-risk category for this type of scam (although I guess the fact that they install toolbars at all makes it a slightly more at risk group) since they're reasonably aware of the problem. Still, Netcraft continues to impress me with excellent tools and insight on web traffic and secuirty trends. A daily must-read for webmasters, far more so than Alexa.

    --
    =======
    Science -- Sealed, Delivered.
  5. New sites: ouch! by jfengel · · Score: 4, Insightful

    One of the factors that goes into the risk rating is the age of the site. That's a good insight: phishers tend to create new sites often, as the old ones get closed down or are simply dropped.

    But man, wouldn't it suck to open a new site only to have Netcraft scare off all your customers?

    I wonder what "new" means. How long do phishing sites stay around? And how badly would this kill the buzz of the initial marketing effort?

    Time isn't the only tool they have in the toolbar, so hopefully novelty as the only warning sign won't ring any alarm bells.

    Eventually, phishers will work around this by creating sites and only activating the phishing attack after the requisite time period has elapsed. But that's work, which weeds out the laziest phishers. Watching the escalation of tactics is going to be fascinating.

  6. Re:firefox toolbar? by Rude+Turnip · · Score: 3, Informative

    Firefox one-ups this already by doing 2 things:

    1. Encrypted URLS turn the address bar to a gold color to remind you that you're on an encrypted site. And, more importantly,

    2. In the lower right hand corner of the screen, Firefox tells you the name of the site to which the digital signature certificate is assigned.

    --
    Bill Clinton: Pimp we can believe in. - The Shirt!!!
  7. Slashdot Announcement by x.Draino.x · · Score: 5, Funny
    Dear Slashdot Reader,

    We regret to inform you that our subscription database was lost in a major crash. In order to continue your advertising-free dupe ridden news service, we require you to verify your account details. Please have your credit card handy and head on over to Slashdot Subscription Verification to verify your account. Once again, we apologize for the mis-hap.

    Sincerely, teh Taco.
  8. How the Netcraft toolbar works. by Anonymous Coward · · Score: 5, Interesting

    I actually looked into making a Firefox extension that worked with the netcraft phishing list. that you get from using their toolbar. I'm still just learning to code Firefox plugins, so I thought it would be a fun exercise. I put it aside for now since there is a big "DO NOT REVERSE ENGINEER OUR SOFTWARE" type notice in the install license, and I still have a long ways to go in learning to program Firefox extensions. I figured out how it works by reading the log file, is that reverse engineering these days?

    Anyway, how the blocker works is pretty nifty, the toolbar creates an MD5 hash of each the url you visit, then compares it to a file that the toolbar auto-updates with the MD5 hashes of the bad urls. To figure out where info is coming from, take a look at "blocked.log" in the Toolbar directory, you'll see the lines that update "blocklist.dat". The only problem I saw is that www.badsite.com/bleh.html might be in there, but www.badsite.com itself might not be, even if both are really the same page.

    I still think the best anti-phishing software would be a program that just notices when you are doing something really boneheaded. It would do things like shout "Hey, that's your ebay username and password and this isn't ebay! Are you sure you want to do this?" and "This page isn't posting to an encrypted page and that is a credit card number! Are you sure about this?". Just my little idea, I'm sure there are plenty of problems with it.

  9. Re:firefox toolbar? by elid · · Score: 3, Insightful

    Yes, but that's probably too difficult for the average relative to understand.

  10. Re:Live Bait by Rasta+Prefect · · Score: 3, Insightful
    The great crime in this phishing system is at the Patent and Trademark Office. We fund the office, subsidizing corporate IP owners by defending their IP. But when the PTO could enforce trademark IP to protect the consumer, they do little or nothing. How come Citigroup isn't spending billions to protect its trademark, which is used to con thousands of people a day into phishing scams?

    First off, phishers are _hard to catch and prosecute_. They're often located in other countries using and/or using compromised resources such as zombified home machines to serve their pages. They're committing fraud, they're not going to stop because Citigroup sends them a cease and desist. Thats like saying the real crime of the war on drugs is that the IRS hasn't dragged in all of these drug kingpins for not paying taxes.

    Secondly, who the hell is subsidizing anything? The Patent Office takes in more in user fees than it spends - It's a yearly budget battle for them to keep more of what they bring in, not to get more money from congress. They've been totally user fee supported for at least 12 years now.

    --
    Why?
  11. The biggest problem... by krbvroc1 · · Score: 3, Interesting

    The biggest problem is the inability to email a person who cares at a lot of these places. In the past two weeks I've tried to find contacts for domains that were hosting ebay phishing pages. Emails to 'support', 'webmaster', internic domain contacts all go unanswered and the sites remain. I reported this one a week ago, its still up: http://210.0.213.115/~homepage/Secure/eBay/cgi-bin /index.php

  12. Phishing Sites by SpaceAdmiral · · Score: 4, Funny

    I've visited Phishing sites before, but I just don't get it. You'd have to be stoned or something to appreciate their music.