In association with heise online

07 November 2006, 15:12

Anti-phisher community: Initial scores

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Phishtank, an online community site, has released its inaugural set of phishing statistics for the month of October. Phishtank collects users' reports on phishing servers and fraud attempts. Among other methods, the data is collected through OpenDNS, a server that works like a filter placed in front of the official root-name server, but which does not affect the recognised name space. The OpenDNS servers attempt to recognise requests from known phishing servers and redirect OpenDNS users onto warning pages.

image 1 [250 x 118 Pixel @ 9 KB]
Zoom Furthermore, most Phishing servers are located in the USA [click for larger image: Statistics: Phishtank]

Phishtank received 7,061 reports in all in October, with 3,678 providing proper notification about fraudulent sites. The Phishtank community members cast 93,531 votes evaluating reported sites in all. In only 878 cases was the suspicion of phishing found to be unwarranted. No evaluation was possible for the remaining 2,505 reports, since the related pages disappeared quickly off the web. Yet Phishtank's initiators see the community's evaluative prowess as quite speedy as well: it took 18 minutes on average for an evaluation to be made as to whether a site was phishing or not.

The statistics contain top ten lists of URLs used by the tricksters, the servers they used, and their most common targets. Customers of the UK's Barclays Bank PLC ranked third in an international comparison of most common phising targets. As would be expected, eBay and PayPal occupied the top two positions. The lion's share of phishing servers are found in the USA and South Korea, the statistics show. Symantec came to similar results in its semiannual Internet Threat Report.

Reference:

(ehe)

Print Version | Send by email | Permalink: http://h-online.com/-731767
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit