Phishing Domains Hosting Multiple Phishing Sites

Tuesday, December 19, 2006

Phishing Domains Hosting Multiple Phishing Sites

Well, well, well. What do we got here? Couple of interesting domains hosting phishing sites of multiple banks for you to take a look at, or at the cached versions to be precise. What's worth mentioning is the rise of phishing sites using the much more easily and anonymously registered .biz ; .info ; .name domains. However, the first part of these is related to 211.137.13.131 :

baldwindy.name
leqwas.biz
noosfo.biz
rsytarai.biz, another one

Multiple hosting:
201.195.156.13
lugers.biz
loreta.biz
tuker.info

Now, try searching the entire .biz space for "Bank Austria Creditanstalt". The good news is that even the average anti-phishing toolbar is capable of detecting these. The bad news is that customers aren't currently using such toolbars as much as they should. And with phishing toolkits lowering the entry barriers in this space by making it easy for wannabe phishers to "make an impact", we've got an efficient problem to deal with.

Dancho Danchev

Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com

Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

Tuesday, December 19, 2006

Phishing Domains Hosting Multiple Phishing Sites

No comments:

Post a Comment