Slashdot Mirror


A Tour of the Google Blacklist

WienerPizza writes "Michael Sutton takes us on a tour of the Google blacklist, a list of suspected phishing sites. He finds that eBay, PayPal and Bank of America combined account for 63% of the active phishing sites. Amusingly, he also reveals that Yahoo! has a nasty habit of hosting phishing sites that harvest — you guessed it — Yahoo! credentials!"


  1. Re:Question do Sys Admins by pestilence669 · · Score: 4, Informative

    OpenDNS will do phishing detection for you. Not only that, it'll correct common typos and speed up name resolution on your entire network. Oh yeah, it's also free, but it won't block those annoying fake search pages.

    http://opendns.com/

  2. Re:But it's not a problem by AoT · · Score: 4, Informative

    PayPal is annoying. I can't start a new account with them because I never verified my old account which was connected to a bank account I no longer have. Not that I really want to, I wouldn't trust those guys any further than I could throw them.

  3. Re:This one made me cry a little inside by jasonwc · · Score: 5, Informative

    I just loaded http://zeta-os.com/astats/bankofamerica/ on Firefox 2.0.0.1 using Firefox's built-in phishing detector using Google to provide the blacklist ["Check by asking Google about each site I visit" option]. It loaded the site just fine, without any warning.

  4. Here is a site that has a lot of IPs by VGfort · · Score: 5, Informative

    Banned IP Address - a lot of them are spammers or fake bots that will look around your website and fill your forms in the attempt to spam you or your forums/blog or whatever else you might have

  5. Re:This one made me cry a little inside by AndrewNeo · · Score: 2, Informative

    I once got mail pointing to a phishing page on a school's website. Never know where those things are going to pop up.

  6. Re:Google's not keeping up by Ravadill · · Score: 2, Informative

    In the comments section it's mentioned that the Encoded/Hashed blacklist is larger and more frequently updated than the plain text one.
    I assume to prevent phishers using a live plain text list to know when they have been found.
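
An added illustration of the hashed-list idea in the comment above (not code from the article, from Google or from Firefox): a client checks a URL against a list of digests, so the list cannot be read back as plain text while a lookup for a known URL still works. SHA-256, the canonicalization rules and the sample entries are assumptions made for this example.

```python
import hashlib
import ipaddress
from urllib.parse import urlsplit

def _is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def candidates(url):
    """Host-suffix + path-prefix expressions to look up for one URL."""
    parts = urlsplit(url if "://" in url else "http://" + url)
    host = (parts.hostname or "").lower().strip(".")
    labels = host.split(".")
    if _is_ip(host) or len(labels) < 3:
        hosts = [host]
    else:
        # Full host plus shorter suffixes, stopping before a bare top-level label.
        hosts = [".".join(labels[i:]) for i in range(len(labels) - 1)]
    segs = [s for s in parts.path.split("/") if s]
    # Directory prefixes "/", "/a/", ... then the exact path (query and fragment dropped).
    paths = ["/"] + ["/" + "/".join(segs[:i]) + "/" for i in range(1, len(segs))]
    exact = parts.path or "/"
    if exact not in paths:
        paths.append(exact)
    return [h + p for h in hosts for p in paths]

def digest(expr):
    return hashlib.sha256(expr.encode("utf-8")).hexdigest()

def build_hashed_list(entries):
    """What the list publisher ships: digests only, no readable URLs."""
    return frozenset(digest(e) for e in entries)

def is_listed(url, hashed_list):
    """Client-side check: hash every candidate expression and test membership."""
    return any(digest(c) in hashed_list for c in candidates(url))

# Constructed sample entries on reserved example domains, not real blacklist data.
HASHED = build_hashed_list(["example.test/secure/", "phish.example.net/"])

if __name__ == "__main__":
    for u in ("http://login.example.test/secure/signin.html?x=1",
              "http://example.test/about",
              "HTTP://Phish.Example.NET"):
        print(u, "->", "listed" if is_listed(u, HASHED) else "not listed")
```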

  7. Re:Pollute the phishing sites by mindriot · · Score: 4, Informative

    Well, I wouldn't write "f**k you spammer" or anything like that, it makes your entries distinguishable. If you want to ensure having a correct credit card number (except for the CVV code, but the phisher couldn't verify those directly anyway), you could use something like this quick dirty hack I wrote up a few months ago to spam a phishing site using simple wget queries. To read up on the format of valid credit card numbers, see for instance this article on the anatomy of credit card numbers. The following code worked for me to create numbers that were accepted by a phishing site I spammed:

    my $cc = substr("000000" . int(rand(1000000)), -6); # Any format

    # Add 9 digits for the account number
    $cc .= int(rand(900000000))+100000000;

    # Check digit: Luhn Code
    my $checknum = 0;
    for (my $j = 0; $j < length($cc); $j++) {
        my $val = substr($cc, $j, 1);
        if ($j % 2 == 0) {
            # These will be doubled
            my $v = 2*$val;
            $v -= 9 if ($v > 9);
            $checknum += $v;
        } else {
            # These will just be added normally
            $checknum += $val;
        }
    }
    # The last digit should add up to a multiple of 10
    $cc .= ($checknum%10 != 0)?(10-($checknum%10)):'0';

    # Output an expiration date (arbitrary, 2007..2015)
    my $month = int(rand(12))+1;
    my $year = qw(2007 2008 2009 2010 2011 2012 2013 2014 2015)[int(rand(9))];

    # Random CVV2 code
    my $cvv = substr("000" . int(rand(1000)), -3);

  8. Re:Good Experience with Paypal by scottv67 · · Score: 3, Informative

    Most banks require a minimum balance before they waive the monthly service fee.
    In my experience, it's just a matter of finding the right bank that has a relationship with someone you also have a relationship with. I get offers for free checking (no minimum balance requirements) through my alumni associations (undergrad and graduate), my wife's employer, my employer, even through the fact that my father-in-law is retired military. Dun Malg also said:

    This is one of the many ways they soak the poor.
    I don't really think that is a fair portrayal of the situation. Banks charge fees for accounts that don't keep high balances because they don't make money on them. Banks are not charitable organizations, they are in business to make money.


    Excellent advice on how to locate the "free checking" offers. I have a couple of additional tips:
    1) Direct deposit. If your paycheck goes directly to your financial institution, you may be eligible for free checking.
    2) Skip the "bank" and check out a local credit union. As the parent poster said about banks, "they are in business to make money". While banks treat their customers like cattle that can be slowly tapped for blood, credit unions treat their customers like...people. I haven't had an account at a "bank" for fifteen years. I am a very happy credit union member.