Gutting the Phish
Vigilantism of any kind is never a tidy business, but it's difficult to condemn the acts of some Internet activists who have taken to attacking Web sites constructed by phishers, online scam artists who use e-mail threats to lure people into coughing up their personal and financial data.
According to a recent post at Netcraft -- a Bath, England-based Web site performance and security company -- anti-phishing vigilantes have begun defacing and/or disabling the home pages of known scam sites in order to warn would-be victims away from them.
Phishing sites often are hosted on poorly secured Web servers, but anti-phishing vigilantes can exploit the same security holes to usurp the fraudulent content with their own messages. According to Netcraft one prolific anti-phisher, known as "Sickophish," routinely replaces fake Web sites with a simple message that reads: "WARNING: THIS WAS A SCAM SITE." Yet another anti-phishing vigilante group is "The Lad Wrecking Crew," which features a spooky set of downloadable wallpapers that fellow vigilantes can use to supplant the landing page of scam sites.
Though not nearly as radical, the vigilante defacements remind me of a tactic used by at least one Internet service provider I contacted recently while working on a series about phishing attacks. Late last year, Florida-based ISP Reliable Hosting was notified that the Web sites of one of its customers had been seeded with a phishing scam targeting SunTrust bank customers. After closing down the site, the ISP made sure that any future Internet browsers trying to reach the phishing URL would be redirected to the Federal Trade Commission's Web site on "How Not to Get Hooked by a Phishing Scam."
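As an added illustration of that redirect tactic (example code written for this page, not anything from the post or from Reliable Hosting), here is a small Python HTTP handler that answers requests for the old URL of a removed phishing page with a redirect to an education page and counts the visitors who still arrive. The education URL and the list of taken-down paths are placeholders; the post names the FTC page but not its address, and the paths are constructed.

```python
# Added example (not from the original post): once a phishing page has been
# taken down, answer requests for its old URL with a redirect to an
# anti-phishing education page, and keep a count of the visitors who still
# arrive, which is the kind of traffic figure a honeypot study reports.
from collections import Counter
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import urlsplit

# Placeholder address: the post names the FTC page but not its URL.
EDUCATION_URL = "https://www.example.org/how-not-to-get-hooked"

# Constructed (hypothetical) paths where phishing kits were removed.
TAKEN_DOWN_PATHS = {
    "/suntrust/login.php",
    "/paypal/cgi-bin/webscr",
}

# Visits per taken-down path; victims keep clicking e-mail links long after
# the page is gone, so this number is worth watching.
hits = Counter()


def redirect_target(raw_path):
    """Return EDUCATION_URL if raw_path refers to a taken-down phishing page,
    otherwise None. The query string is dropped and the path is compared
    case-insensitively so lure variants such as /SunTrust/Login.php?id=1
    still match."""
    path = urlsplit(raw_path).path.lower().rstrip("/")
    if path in TAKEN_DOWN_PATHS:
        hits[path] += 1
        return EDUCATION_URL
    return None


class TakedownHandler(BaseHTTPRequestHandler):
    def do_GET(self):
        target = redirect_target(self.path)
        if target is None:
            self.send_error(404)
            return
        # 302 rather than 301: the old URL should not be cached as a
        # permanent alias of the education page.
        self.send_response(302)
        self.send_header("Location", target)
        self.send_header("Cache-Control", "no-store")
        self.end_headers()

    def log_message(self, fmt, *args):
        pass  # keep the example quiet; hits are counted above


if __name__ == "__main__":
    HTTPServer(("127.0.0.1", 8080), TakedownHandler).serve_forever()
```

Run it and request one of the taken-down paths to see the 302; any other path gets a plain 404 so the host does not become an open redirector.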
Despite increased media attention and public-education campaigns about phishing, consumers continue to get hooked. In a data-rich study released last week, researchers at the Honeynet Project set up a couple of Web servers with known security flaws to see whether phishers would find and exploit the servers to their own gain. Sure enough, the scam artists set up shop and began hosting multiple phishing sites off of each Web server, each site targeting a different bank or e-commerce site. One site impersonating a major U.S. bank got more than 250 hits in four days, while a PayPal scam site on the other server received more than 720 visits in 36 hours.