PhishTank casts its net for malicious email |
 |
By Dennis Fisher, Executive Editor
05 Oct 2006 | SearchSecurity.com |
|
|
A new information clearinghouse for data on phishing attacks is up and running, and unlike similar efforts at other sites, PhishTank includes an open API that enables contributors to submit and access data through various applications.
The new site is not only an archive of suspected and confirmed phishing emails, but it also includes a feature that allows other registered users to examine submissions and verify that they are in fact malicious mailings. This collaborative format is a bit different from the work done by other groups, such as the Anti-Phishing Working Group, which focuses on compiling statistics on phishing and pharming attacks and aiding law enforcement agencies in taking down malicious sites.
PhishTank launched on Tuesday and by Thursday morning Eastern time, the site had received 752 submissions, 447 of which were verified as phish, according to the site's statistics page.
The site is backed by OpenDNS, a San Francisco-based company that provides a free DNS service designed to help companies avoid malicious Web sites and speed up their DNS queries.
The PhishTank API is a unique submission option for the site's contributors. Once a contributor registers an application with the site, he can submit suspected phishing emails via a direct SSL connection over HTTP. It is believed this method will be used mainly by ISPs and large enterprises. But individual contributors can submit emails simply by forwarding them to phish@phishtank.com.
One early application of this API is a button for Microsoft Outlook that the antispam group Project Honey Pot is developing. Once installed in the Outlook toolbar, the button will enable users to report suspected phish with one click.
Phishing and pharming -- a variation on phishing that involves DNS cache poisoning -- have been the favored attack vectors for identity thieves and online crime gangs for several years. Early phishing emails were crude and for the most part easily recognizable by their blatant spelling errors and other telltale signs. But as the financial stakes have grown, the messages and their social engineering tactics have becomes far more sophisticated and often target specific groups with small memberships, such as customers of small credit unions or community banks.
The number of attacks has continued to multiply as well. The Anti-Phishing Working Group reported more than 14,000 unique phishing campaigns in July 2005; July of this year saw more than 23,000 such attacks.
|
|
|
|
