http://emergentchaos.com/archives/2007/07/should-we-stop-faking-phishing-data.html The Emergent Chaos Jazz Combo Wed, 01 Feb 2012 19:20:40 +0000 hourly 1 http://wordpress.org/?v=3.3.1 http://emergentchaos.com/archives/2007/07/should-we-stop-faking-phishing-data.html/comment-page-1#comment-3802 Adam Sat, 28 Jul 2007 21:22:00 +0000 http://emergentchaos.com/?p=2438#comment-3802 My comment about expense should have said "assume" not "presume." What I meant is that if it costs you and a phisher the same effort to validate an account, then dumping hundreds of fake accounts into the site might be a worthwhile thing because it absorbs lots of phisher time, and may help banks identify phishing data exploitation. Also the question of resolving (closing) the site isn't the only question. Without any disrespect to the APWG or castlecops, I don't think they have all the data we'd like to have. For example, imagine that tomorrow, Congress asked the FBI how many agents they'd need to shut down this problem. Do we have data to tell us how big it is? How many people are involved? I haven't seen such, and I'm interested in seeing if we can get that sort of data. My comment about expense should have said “assume” not “presume.” What I meant is that if it costs you and a phisher the same effort to validate an account, then dumping hundreds of fake accounts into the site might be a worthwhile thing because it absorbs lots of phisher time, and may help banks identify phishing data exploitation.
Also the question of resolving (closing) the site isn’t the only question.
Without any disrespect to the APWG or castlecops, I don’t think they have all the data we’d like to have. For example, imagine that tomorrow, Congress asked the FBI how many agents they’d need to shut down this problem. Do we have data to tell us how big it is? How many people are involved? I haven’t seen such, and I’m interested in seeing if we can get that sort of data.

]]> http://emergentchaos.com/archives/2007/07/should-we-stop-faking-phishing-data.html/comment-page-1#comment-3801 JAF Fri, 27 Jul 2007 14:46:05 +0000 http://emergentchaos.com/?p=2438#comment-3801 Sorry for the delay .. things have been a bit hectic. I can't tell you 'by the numbers' how many sites are being hit with fake data of the type we're discussing. ...[ Firstly, JAF (seems to) presume that his work is roughly equivalent to the phisher's work, or more expensive ]... Will you please explain this? All phishing sites have a limited number of entries by those who recoginze it for what it is and fill out the requested data accordingly .. questioning the parental lineage of the scammer or other scatological commentary. What I'm addressing is the 'dump' of hundreds of authentic-looking, but fake entries into a data file. In quantity, they're clearly recognizable. On several forums I have seen posted that this is something 'fun' to do .. that somehow this 'teaches the scammer' something not quite defined. It doesn't. The 'wow, isn't this fun' activity does nothing to resolve/remove that phishing site. Perhaps if those who consider this amusing would, instead, report the site to any number of anti-phishing groups such as: CastleCops: <a href="http://www.castlecops.com/pirt" rel="nofollow"><a href="http://www.castlecops.com/pirt" rel="nofollow">http://www.castlecops.com/pirt</a></a> Anti-Phishing Working Group: <a href="http://apwg.org/report_phishing.html" rel="nofollow"><a href="http://apwg.org/report_phishing.html" rel="nofollow">http://apwg.org/report_phishing.html</a></a> ..we'd be able to investigate and terminate the sites in a better time frame and reduce the actual numbers of ID theft victims. Thanks ... 'JAF' Sorry for the delay .. things have been a bit hectic.
I can’t tell you ‘by the numbers’ how many sites are being hit with fake data of the type we’re discussing.
…[ Firstly, JAF (seems to) presume that his work is roughly equivalent to the phisher's work, or more expensive ]…
Will you please explain this?
All phishing sites have a limited number of entries by those who recoginze it for what it is and fill out the requested data accordingly .. questioning the parental lineage of the scammer or other scatological commentary.
What I’m addressing is the ‘dump’ of hundreds of authentic-looking, but fake entries into a data file. In quantity, they’re clearly recognizable. On several forums I have seen posted that this is something ‘fun’ to do .. that somehow this ‘teaches the scammer’ something not quite defined. It doesn’t.
The ‘wow, isn’t this fun’ activity does nothing to resolve/remove that phishing site. Perhaps if those who consider this amusing would, instead, report the site to any number of anti-phishing groups such as:
CastleCops: http://www.castlecops.com/pirt
Anti-Phishing Working Group: http://apwg.org/report_phishing.html
..we’d be able to investigate and terminate the sites in a better time frame and reduce the actual numbers of ID theft victims.
Thanks …
‘JAF’

]]> http://emergentchaos.com/archives/2007/07/should-we-stop-faking-phishing-data.html/comment-page-1#comment-3800 Justin Mon, 23 Jul 2007 13:16:40 +0000 http://emergentchaos.com/?p=2438#comment-3800 Hey Adam! I've passed it on -- let's see if there's further comment. Hey Adam! I’ve passed it on — let’s see if there’s further comment.

]]>