Dancho Danchev's Blog - Mind Streams of Information Security Knowledge: Take this Malicious Site Down

Thursday, March 22, 2007

Take this Malicious Site Down - Processing Order..

Yet another pay-pal-secure-login.tld domain gets registered, and even more ironic in its directory listings you'll be able to digg out several other financial institutions and online companies logins, even competitors. Financial institutions cannot cope with the level of such registered domains and some -- even after reported to the usual abuse account -- remain active for weeks to come. So how do you protect these businesses and cash in between for doing so? Looks like RSA are diversifying their service from phishing hosting sites to malware hosting ones :

"EMC's RSA division plans to launch a new service next month that will help financial institutions take down Web sites associated with malicious Trojan Horse software. The service is planned as an extension to the FraudAction phishing takedown service already offered by RSA, said Louie Gasparini, co-chief technical officer with RSA's Consumer Solutions unit. "We're leveraging the same infrastructure we already have in place... and now we're focusing our attention on how Trojans work," he said. Gasparini said he expects financial services companies, auction sites, and online merchants to use the service. "It's really allowing the institution to better protect its customers," he said."

Can RSA really cash in by re-intermediating the current communication model, and most importantly do a better job? It can sure allow the targeted companies to focus on innovation and growth, not on online impersonation attacks so I find this a sound product line extension, but need more performance stats to offer valuable recommendations.

According to the latest Anti-Phishing.org report, the threatscape looks very favorable in respect to

communicating with the major country hosting phishing sites - the U.S, followed by China and South Korea. In between companies diversifying their portfolios of services and products, there's one other thing to keep in mind and that's how can you achieve the same results in more cost effective way than the commercial propositions? And can you actually? Do you even have to dedicate financial resources to shut down these sites compared to educating your customers on how to use their brains? Ask yourself these questions before losing it in a budget allocation myopia. Something else to keep in mind - ISPs will also start getting interested in the idea of equal distribution of revenues given the sound business model.

Related posts:
The Phishing Ecosystem
Anti-phishing Toolbars - Can You Trust Them?
Google's Anti-phishing Black and White Lists

Dancho Danchev

Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com

Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

Thursday, March 22, 2007

Take this Malicious Site Down - Processing Order..

No comments:

Post a Comment