Recent Posts

Recent Blog Posts

The PhishLabs Blog

Evil Searching and Phishing

Posted by John LaCour on Feb 25, '09

Nearly a year ago I asserted in a Dark Reading inteview that phishers were using Google and other search engines to find vulnerable web sites which they used to launch their scams. By a simple analysis of the web hosts and URLs used in phishing, I estimated that the vast majority of phishing web sites were hosted on exploited otherwise legitimate web sites. Today, Richard Clayton and Tyler Moore have published a paper about “Evil Searches” and phishing at this week’s Financial Cryptography conference.

I encourage anyone who is interested in understanding how phishing really works to read the paper, but here are a few of the key take-aways:

  • Over 75% of phishing sites are hosted on hacked web sites
  • Despite legend to the contrary, there is no data to support the notion that phishers use phish URL blacklists (like PhishTank) to find vulnerable web sites
  • About 9% of phishing web sites are hacked again and another phish added within 4 weeks

Also see Dr. Clayton’s blog posting on Light Blue Touch Paper for more.

Topics: Phishing, Strategy

What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Recent Posts

Posts by Topic

see all