Recent Posts

Recent Blog Posts

The PhishLabs Blog

Evil Searching and Phishing

Posted by John LaCour on Feb 25, '09

Nearly a year ago I asserted in a Dark Reading inteview that phishers were using Google and other search engines to find vulnerable web sites which they used to launch their scams. By a simple analysis of the web hosts and URLs used in phishing, I estimated that the vast majority of phishing web sites were hosted on exploited otherwise legitimate web sites. Today, Richard Clayton and Tyler Moore have published a paper about “Evil Searches” and phishing at this week’s Financial Cryptography conference.

I encourage anyone who is interested in understanding how phishing really works to read the paper, but here are a few of the key take-aways:

  • Over 75% of phishing sites are hosted on hacked web sites
  • Despite legend to the contrary, there is no data to support the notion that phishers use phish URL blacklists (like PhishTank) to find vulnerable web sites
  • About 9% of phishing web sites are hacked again and another phish added within 4 weeks

Also see Dr. Clayton’s blog posting on Light Blue Touch Paper for more.

Topics: Phishing, Strategy

What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Recent Posts

Subscribe to Email Updates

Posts by Topic

see all