The Phish Market Protocol: Securely Sharing Attack Data Between Competitors
Source: Harvard University
A key way in which banks mitigate the effects of phishing is to remove fraudulent websites or suspend abusive domain names. This 'take-down' is often subcontracted to specialist firms. Prior work has shown that these take-down companies refuse to share 'Feeds' of phishing website URLs with each other, and consequently, many phishing websites are not removed because the firm with the take-down contract remains unaware of their existence. The take-down companies are reticent to exchange feeds, fearing that competitors with less comprehensive lists might 'Free-ride' o their e orts by not investing resources to find new websites, as well as use the feeds to poach clients.