Network News

X My Profile
View More Activity

In Praise of Phish Fighters

It isn't often that the public is afforded a peek into federal law enforcement efforts to combat "phishing" scams, fraudulent e-mail lures for Web sites created to assume the look of trusted online brands and steal personal information. But February marks the 5th anniversary of -- an all-volunteer led forum that has morphed from a place where people can diagnose security problems with their PCs into one of the most active phish fighting forums -- and the group is releasing some interesting data to highlight its accomplishments.


The online help forum is the public face of CastleCops, but the group has made a greater impact on consumer security and privacy through its Phishing Incident Response Team (PIRT). The team shares with law enforcement real-time data that could help bring the phishers to justice, along with financial information stolen from consumers.

In a common phishing attack, the stolen data will most often be e-mailed to what's known as a "dead drop." (this is usually just a free Web mail account). Really lazy and not-too-bright phishers will simply dump the data into a text file located on the phishing site itself. If phish fighters can access the data themselves, they will forward that to the feds. They, in turn, share it with relevant banks so financial institutions can intervene before the fraudsters drain the accounts. In cases where the data is sent to an e-mail drop box, the feds will secure a legal order to seize the e-mail account.

CastleCops' PIRT began sharing its phishing data with federal law enforcement agencies in June 2006. Since then, the group has intercepted stolen data from roughly 450 distinct phishing scams. If we conservatively assume that the average credit card has a balance limit of $500 and that the average phishing scam nets about 100 victims, CastleCops has prevented more than $22 million worth of fraudulent credit card charges since the middle of last year.

As hard as they work, CastleCops volunteers catch only a fraction of the phishing scams launched daily -- it is estimated that nearly 1,000 individual phishing Web sites are created each day worldwide. So, if 450 phishing scams can net as much as $22 million for the phishers, it is not hard to understand why phishing recently surpassed malicious software as the primary ingredient in junk e-mail, according to e-mail security provider MessageLabs. It is a multi-billion dollar industry that shows no signs of slowing down.

Readers who are interested in more detail on the data can drill down through a series of interesting slides that CastleCops founder Paul Laudanski showed at an uber-secret security confab at Microsoft's campus last week. The speaker's list for that conference reads like a veritable who's-who of security professionals and researchers.

I encourage anyone who has an interest in helping cyber crime and spyware victims or in foiling scammers to register at the CastleCops forum. To mark its 5th birthday, CastleCops is running a sweepstakes for members who hang out there or even just lurk on the forums: Starting Feb. 1, they're going to be giving away more than $130,000 worth of security software and tools to forum members. It's free to join, no obligation required, one per know the drill.

By Brian Krebs  |  January 31, 2007; 5:45 PM ET
Categories:  Fraud , From the Bunker , Latest Warnings , Safety Tips  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   StumbleUpon   Technorati   Google Buzz   Previous: Sony Settles FTC Suit Over Music CD Spyware
Next: Birth of the Verbal Hack?


Congratulations to CastleCop people. They're doing a really great work.

Posted by: jcanto | February 1, 2007 1:34 AM | Report abuse

Nice writeup! The CastleCops PIRT Team is to be commended.


Posted by: Corrine | February 1, 2007 1:44 PM | Report abuse

Keep up the good work, CastleCops.

Posted by: Baxter Tocher | February 6, 2007 3:08 PM | Report abuse

A great bunch of people and an excellent site that's helping many users. Congradulations on being a phishers nightmare!

Posted by: herbalist | February 20, 2007 10:17 PM | Report abuse

hope the people will come also to and get help there also. :)

Posted by: Ersa | February 21, 2007 8:05 AM | Report abuse

The comments to this entry are closed.

RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company