Phishing – an overview

Husband attended an event this week, part of which was a presentation about the phishing "industry".  Hereunder a summary.



Some Statistics:

·        There are over 310 million spam messages sent per day

·        2-3% of spam messages are phishing related

·        40% of people tested in a survey failed to identify a phishing mail

·        phishing mails have a 2% success rate (that is a scary thought!)

·        In one week, 8903 NEW phishing web sites were discovered

·        they were located around the world in 57 unique domains across 13 top level domains

·        of the phishing sites, 97.3% (8667) were kit based

·        it is believed that money taken through phishing now exceeds the illegal drug industry, making it the 3rd largest industry in the world, after oil and the arms trade!

·        There are 2 dozen "phishing kits" used, the first (the "rock phish") appearing in 2004, aimed at "stealing" credentials from the unwary.

·        The kits are installed on compromised systems, usually web servers, mail servers, DNS servers or home PCs.


Here is how the phishing industry works….

1) The kit runs a mail server which sends out emails of two types:

     a) "mule" recruitment ("earn extra money with 1-2 hours per day" type of stuff)

     b) forged email which appears to come from a bank, eBay, Paypal etc

These may be done directly or through an open relay on another mail server.

2) The kit runs a web server to harvest credentials which are collected by the criminals

3) The criminals use the credentials to transfer money to the stage 1 mule bank account

4) The stage 1 mule must be in the same country as the victim and accepts money into their bank account

5) The stage 1 mule collects the money and keeps 10-12%, transferring the rest to the stage 2 mule

6) The stage 2 mule sends the funds overseas, again taking 10-12%

Phishing sites generally have a fairly short life, rarely more than a few days and often only hours.  Mules can operate for months before they are brought to justice.

The victims in this type of crime are:

·        the person who has their money stolen loses cash and may get a damaged credit record

·        the banks often cover some or all of the money loss

·        the mules are charged with money laundering, or worse

·        the owner of the compromised system suffers loss of bandwidth and becomes identified as a source of spam


Basic rules for avoiding being phished:

1.     Never click on a link in an email (navigate there using your browser)

2.     Never enter your user details, passwords etc anywhere unless you have navigated to the page

3.     Never use the Internet 🙂



About bookmole
I am pro-choice. You make yours, I'll make mine, okay?

One Response to Phishing – an overview

  1. Kzinti says:

    Wife just hosed her whole computer this weekend by, of all things, clicking a bad link… She looked like a kid that someone stole their candy bar from. I told her, rule #1, always back up your shit. Rule #2, never click email links! I hope she didn’t forget rule #1… *sigh*
