Security

Evaluating the Wisdom of Crowds in Assessing Phishing Websites

Download Now Free registration required

Executive Summary

Phishing is the process of enticing people to visit fraudulent websites and persuading them to enter identity information such as usernames and passwords. The information is then used to impersonate victims in order to empty their bank accounts, run fraudulent auctions, launder money, and so on. Researchers have proposed many technical countermeasures, from mechanisms to detect phishing websites, through to schemes that prevent users from disclosing their secrets to them. So obtaining an updated feed of new websites requires constant vigilance and demands significant resources. Most banks and specialist take-down companies maintain their own feed. One group, called 'Phish-Tank', has tried to leverage the 'Wisdom of Crowds' to generate an open source list that strives to be as complete and accurate as possible.

  • Format: PDF
  • Size: 383.7 KB