Thursday, November 16, 2006

apwg: John Brozycki

Representing an "anonymous" financial institution, John Brozycki  talked about how Phish Feeding works.  You automate attacking phishing sites by feeding in bad data.  The bad data then comes through to your site when the phisher attempts to use it.  You can watch the phish food turn into phish poo (not an official term) and track their behaviors.  Additionally, you can flood a phisher's site with so much bad data that they get pissed off and stop bothering you.

Phishers respond to this by implementing captchas (Turing Tests).  Unfortuantely, most use bad captchas, so scripts still work to infuse bad data.  Another thing he brought up was that phishers can block traffic from certain areas (i.e. the institution they are spoofing).  You can get around that by purchasing DSL connections.

More information at TrueInsecurity.com, email phishfeeder at that domain for info about phish feeding.

No comments: