Phisheye: Live Monitoring Of Sandboxed Phishing Kits

Xiao Han, Nizar Kheir, Davide Balzarotti
2016 Zenodo  
Phishing is a form of online identity theft that deceives unaware users into disclosing their con dential information. While signi cant e ort has been devoted to the mitigation of phishing attacks, much less is known about the entire life-cycle of these attacks in the wild, which constitutes, however, a main step toward devising comprehensive anti- phishing techniques. In this paper, we present a novel approach to sandbox live phishing kits that completely protects the privacy of victims. By
more » ... ng this technique, we perform a comprehensive real-world assessment of phishing attacks, their mechanisms, and the behavior of the criminals, their victims, and the security community involved in the process { based on data collected over a period of ve months. Our infrastructure allowed us to draw the rst comprehensive picture of a phishing attack, from the time in which the attacker installs and tests the phishing pages on a compromised host, until the last interaction with real victims and with security researchers. Our study presents accurate measurements of the duration and e ectiveness of this popular threat, and discusses many new and interesting aspects we observed by monitoring hundreds of phishing campaigns.
doi:10.5281/zenodo.166929 fatcat:m4fjjhe3obauzgn2rw4lryfx7u