The PhishLabs Blog > The PhishLabs Blog Evil Searching and Phishing
Subscribe

Get The Latest Insights

By Stacy Shelley | February 25, 2009

Nearly a year ago I asserted in a Dark Reading interview that phishers were using Google and other search engines to find vulnerable web sites which they used to launch their scams. By a simple analysis of the web hosts and URLs used in phishing, I estimated that the vast majority of phishing web sites were hosted on exploited otherwise legitimate web sites. Today, Richard Clayton and Tyler Moore have published a paper about “Evil Searches” and phishing at this week’s Financial Cryptography conference.

I encourage anyone who is interested in understanding how phishing really works to read the paper, but here are a few of the key takeaways:

  • Over 75% of phishing sites are hosted on hacked web sites
  • Despite legend to the contrary, there is no data to support the notion that phishers use phish URL blacklists (like PhishTank) to find vulnerable web sites
  • About 9% of phishing web sites are hacked again and another phish added within 4 weeks

Also see Dr. Clayton’s blog posting on Light Blue Touch Paper for more.

Related Insights

Response-Based Email Attacks Reach Inboxes More Than Any Other Threat in Q4

In Q4, Response-Based phishing attacks were the top reported threat by end users, according to Fortra’s PhishLabs.

More than Half of All Phishing Sites Impersonate Financials in Q4

Phishing sites impersonating reputable organizations continue to represent the top online threat to businesses and their brands. In Q4, cybercriminals impersonated Financial Institutions on more than half of all phishing sites.

Digital Journal: Hackers Using Steganography Tactics for Malware Attacks

Read Digital Journal’s interview to learn why steganography is increasingly used in phishing campaigns and how security teams can protect against these attacks.