Privacy Security The Internet

Netcraft: 5,600 Phishing Sites Since December

miller60 writes "Netcraft has tracked and blocked 5,600 known phishing sites since the December launch of its anti-phishing toolbar, which it has now updated with a risk rating feature that warns users about new sites with phishy characteristics, based on trends observed in known phishing scams. It has also started a service that makes the full list available of phishing sites as a continuously updated feed for service providers and companies to use in mail servers and web proxies." One bad sign: the phishing attacks I see are getting (on average) more professional in their phrasing -- it used to be easy to toss out the trawlers based on their spelling alone.
This discussion has been archived. No new comments can be posted.

  • One Day (Score:3, Insightful)

    by ericschoon ( 814346 ) on Monday May 02, 2005 @02:19PM (#12410139)
    The phishing community will learn to read and write in a professional manner. When that day comes, the world will end

    no wait.... only those gullables will find themselves in trouble.

    Phishing is only a problem when you aren't paying attention.
  • Live Bait (Score:2, Insightful)

    by Doc Ruby ( 173196 ) on Monday May 02, 2005 @02:19PM (#12410144) Homepage Journal
    The great crime in this phishing system is at the Patent and Trademark Office. We fund the office, subsidizing corporate IP owners by defending their IP. But when the PTO could enforce trademark IP to protect the consumer, they do little or nothing. How come Citigroup isn't spending billions to protect its trademark, which is used to con thousands of people a day into phishing scams?
  • New sites: ouch! (Score:5, Insightful)

    by jfengel ( 409917 ) on Monday May 02, 2005 @02:25PM (#12410221) Homepage Journal
    One of the factors that goes into the risk rating is the age of the site. That's a good insight: phishers tend to create new sites often, as the old ones get closed down or are simply dropped.

    But man, wouldn't it suck to open a new site only to have Netcraft scare off all your customers?

    I wonder what "new" means. How long do phishing sites stay around? And how badly would this kill the buzz of the initial marketing effort?

    Time isn't the only tool they have in the toolbar, so hopefully novelty as the only warning sign won't ring any alarm bells.

    Eventually, phishers will work around this by creating sites and only activating the phishing attack after the requisite time period has elapsed. But that's work, which weeds out the laziest phishers. Watching the escalation of tactics is going to be fascinating.
  • by Anonymous Coward on Monday May 02, 2005 @02:28PM (#12410260)
    You assume law enforcement is actively interested in going after phishing sites.
  • by yotto ( 590067 ) on Monday May 02, 2005 @02:35PM (#12410343) Homepage
    it used to be easy to toss out the trawlers based on their spelling alone.

    I've always detected the trawlers by the fact that they're asking me to give them information via email.
  • by aaamr ( 203460 ) on Monday May 02, 2005 @02:41PM (#12410415)
    Doesn't it make more sense to report the site to the service provider so it gets shut down?

    Last one of these I encountered (an eBay phishing scheme) was hosted on Comcast's network. To Comcast's credit, the site was inaccessible within 2 hours of my reporting it, and I got a very prompt response by email to my report.
  • by elid ( 672471 ) <eli,ipod&gmail,com> on Monday May 02, 2005 @02:45PM (#12410459)
    Yes, but that's probably too difficult for the average relative to understand.
  • Re:Live Bait (Score:4, Insightful)

    by Rasta Prefect ( 250915 ) on Monday May 02, 2005 @02:48PM (#12410501)
    The great crime in this phishing system is at the Patent and Trademark Office. We fund the office, subsidizing corporate IP owners by defending their IP. But when the PTO could enforce trademark IP to protect the consumer, they do little or nothing. How come Citigroup isn't spending billions to protect its trademark, which is used to con thousands of people a day into phishing scams?

    First off, phishers are _hard to catch and prosecute_. They're often located in other countries and/or using compromised resources such as zombified home machines to serve their pages. They're committing fraud, they're not going to stop because Citigroup sends them a cease and desist. That's like saying the real crime of the war on drugs is that the IRS hasn't dragged in all of these drug kingpins for not paying taxes.

    Secondly, who the hell is subsidizing anything? The Patent Office takes in more in user fees than it spends - It's a yearly budget battle for them to keep more of what they bring in, not to get more money from Congress. They've been totally user fee supported for at least 12 years now.

  • by hendersj ( 720767 ) on Monday May 02, 2005 @02:54PM (#12410580)
    Amen to that - I had the same experience with eBay - I am NOT signing up to tell them that someone is trying to scam their customers. Make it easy for me to report, or I'll just bin it.

    After all, if they don't care enough to make it easy to report phishers abusing their name, why should I make the effort to find out how to report it to them?
  • by camcorder ( 759720 ) on Monday May 02, 2005 @04:33PM (#12412085)
    Thanks for letting us know. Now the only thing to get a free mug is to set up a phishing site and report it to Netcraft. Well seems like they will reach 10000 very soon.
  • professional? (Score:3, Insightful)

    by drew ( 2081 ) on Monday May 02, 2005 @06:19PM (#12413560) Homepage
    One bad sign: the phishing attacks I see are getting (on average) more professional in their phrasing -- it used to be easy to toss out the trawlers based on their spelling alone.

    i'll be worried when i start seeing attacks imitating places that i actually have accounts at. other than paypal, i don't think a single one out of the thousands of phishing attacks i've received has tried to imitate a bank or institution that i actually do business with.

    maybe it's just me, but i would think that when people see hundreds of emails coming from places they've never done business with in their life, they might be a little suspicious when they see one that's almost exactly the same except with their bank's logo on it, no matter how well written. or am i expecting too much of the average person?
