Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Golden Hour of Phishing Attacks

Posted by CmdrTaco on from the get-the-camera dept.

Orome1 writes "Trusteer conducted research into the attack potency and time-to-infection of email phishing attacks. One of their findings was that 50 per cent of phishing victims' credentials are harvested by cyber criminals within the first 60 minutes of phishing emails being received. Given that a typical phishing campaign takes at least one hour to be identified by IT security vendors, which doesn't include the time required to take down the phishing Web site, they've dubbed the first 60 minutes of a phishing site's existence is the critical 'golden hour.'"

5 of 59 comments (clear)

  1. A solution presents itself by Wonko+the+Sane · · Score: 4, Funny

    Delay all email deliveries for one hour. What could possibly go wrong?

    1. Re:A solution presents itself by Anonymous Coward · · Score: 5, Insightful

      Mail which looks like it might be phishing email could be delivered to active users proven to be discriminating first,

      Congratulations! Gmail has determined that you are smart and competent. Your reward is more spam.

    2. Re:A solution presents itself by alexmipego · · Score: 5, Insightful

      They do have a "Report Phishing" option though. Sad thing is that most people don't know what phishing is or even realize they've been victims of it until it's too late, at which point they rarely go back to gmail to report the phishing attempt.

  2. Scrub the sites... by AdamThor · · Score: 4, Funny

    So what we need is a way to scrub those websites within the critical time period, yes? A cleaning program? A sort of "Golden Shower"?

    --
    -- "Oh. This guy again."
  3. Simple by PPH · · Score: 4, Funny

    I never answer e-mail within an hour of receipt. I'm too busy trying to make first post.

    --
    Have gnu, will travel.