Phishing tactics exposed by Google blacklist

Two-thirds of phishing sites take aim at just three websites, research finds.

Nearly two-thirds of active phishing sites target users of eBay, PayPal and Bank of America websites, according to research by a security expert.

Work carried out by Michael Sutton, found that in Google's blacklist of phishing sites, used by the company in its anti-phishing toolbar for Firefox, 63 per cent of sites targeted these three websites. Online auction website eBay was the most targeted with 23.46 per cent of fake sites, followed by online payments site PayPal with 23.17 per cent. Third was Bank of America with 16.42 per cent.

Sutton said on his blog that he was surprised to find that these three targets accounted for nearly two-thirds of phishing sites.

"I was somewhat surprised to find virtually all sites using straight social engineering attacks," said Sutton. "One amusing finding was that Yahoo! commonly hosts pages that phish, wait for it, Yahoo! credentials."

"My hope was that this exercise would provide some insight into current phishing attacks and it certainly did," he said.

Sutton added that the blacklist was continuously updated and specific versions can be requested by including the required major:minor version in the GET request. The full listing (1:1) contained primarily outdated URLs as 86 per cent of the pages or sites were no longer available.

"While I would like to think that the existence of Google's blacklist had contributed to the demise of these sites, phishing sites tend to emerge and disappear quickly, so I suspect that this is just a natural part of the phishing cycle," he said.

Featured Resources

Defeating ransomware with unified security from WatchGuard

How SMBs can defend against the onslaught of ransomware attacks

Free download

The IT expert’s guide to AI and content management

How artificial intelligence and machine learning could be critical to your business

Free download

The path to CX excellence

Four stages to thrive in the experience economy

Free download

Becoming an experience-based business

Your blueprint for a strong digital foundation

Free download

Most Popular

What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

8 Sep 2021
Apple patches zero-day flaw abused by infamous NSO exploit
exploits

Apple patches zero-day flaw abused by infamous NSO exploit

14 Sep 2021
Google takes down map showing homes of 111,000 Guntrader customers
data breaches

Google takes down map showing homes of 111,000 Guntrader customers

2 Sep 2021