The Consequence of Non-Cooperation in the Fight Against Phishing
Source: Harvard University
A key way in which banks mitigate the effects of phishing is to have fraudulent websites removed or abusive domain names suspended. This 'take-down' is often subcontracted to specialist companies. The paper analyses six months of 'feeds' of phishing website URLs from multiple sources, including two such companies. It demonstrates that in each case huge numbers of websites may be known to others, while the company with the take-down contract remains unaware of them or only belatedly learns that they exist. It also analyses the incentives that prevent data sharing by take-down companies, contrasting this with the anti-virus industry - where sharing prevails - and with schemes for purchasing vulnerability information, where information about attacks is kept proprietary.