IT Security Guru

Which providers have the most phishing content?

by The Gurus
July 6, 2015
in Editor's News

Phishing is an efficient method for an attacker to deliver malware or harvest credentials from unsuspecting victims. By sending out a mass or targeted email designed to look like it came from a bank or other legitimate source, an attacker can acquire a fair number of user credentials or deliver malware. Credentials can be used for identity theft, for additional compromise or to send more seemingly legitimate phishing emails, and convincing a user to install malware can give attackers access to a system.
To get an idea of what kinds of domains phishing attacks are using at present, Josh Pyorre, security analyst at OpenDNS Security Labs, analysed the last month’s reported phishing messages. The following is a graphical view of the top 10 organisations with the most phishing content:

Looking at the data in a little more detail, Josh has uncovered one domain that appears to have been purchased specifically for use in targeted PayPal phishing attacks with the goal of acquiring credentials and stealing money from PayPal customers.
Josh explains, “Serviceyourpaypal[.]com was registered on September 14, 2014 at launchpad[.]com. It’s using domain privacy services provided by privacyprotect[.]org to hide administrative and technical details for the person or organization who bought the domain name. It is hosted at Hostgator, a well known and inexpensive hosting provider and is using a shared host at the IP address of 192.185.4.25. This IP address is hosting a total of 369 domain names.”
While the domain is not serving any useful content at present, Josh adds, “Serviceyourpaypal[.]com could be re-activated at any time and used in future PayPal-themed phishing campaigns.”
Another worrying domain identified by Josh looks to be used for a Lloyds Banking scam. Josh explains, “Applesverifications[.]com was registered on September 2, 2015 at launchpad[.]com and does not hide its whois information behind a privacy service. That doesn’t necessarily mean it’s factual. In some cases, adding whois privacy costs extra when registering a domain. The domain is hosted with Hostgator and its IP address hosts a total of 907 domains.”
This is a screen shot of the content when last analysed:

Josh continues, “The DNS traffic had a very suspicious spike in traffic on May 10, 2015 after small and consistent amounts of DNS traffic, potentially indicating other campaigns or testing prior to this specific phishing campaign.”
Josh has published a blog post detailing this and his analysis of the other top 10 organisations with the most phishing content, which you can see here.
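The DNS pattern described above (a sudden spike after small, consistent query volume) can be flagged automatically from per-domain daily query counts. The following is an added example, not code from the article or from OpenDNS: the function name, thresholds and the sample counts are all constructed for illustration, with the spike placed on May 10, 2015 to mirror the quote.

```python
from datetime import date, timedelta
from statistics import median

def find_spikes(daily_counts, window=14, k=6.0, min_queries=50):
    """Return [(day, count, baseline)] for days far above the trailing baseline.

    daily_counts: list of (date, query_count) tuples sorted by date.
    The baseline is the median of the previous `window` days, so one earlier
    spike does not inflate it the way a mean would.
    """
    spikes = []
    for i in range(window, len(daily_counts)):
        day, count = daily_counts[i]
        history = [c for _, c in daily_counts[i - window:i]]
        base = median(history)
        mad = median(abs(c - base) for c in history)
        # 1.4826 * MAD approximates a standard deviation. The floor of 1.0
        # handles the "small and consistent" case where MAD is 0 or tiny,
        # which would otherwise make every extra query look anomalous.
        spread = max(1.4826 * mad, 1.0)
        # min_queries suppresses alerts on domains with negligible traffic.
        if count >= min_queries and count > base + k * spread:
            spikes.append((day, count, base))
    return spikes

# Constructed sample: 28 days of query counts for one domain, starting
# 2015-04-20, with low steady traffic and a burst on 2015-05-10.
_COUNTS = [4, 5, 3, 6, 4, 5, 4, 3, 5, 6, 4, 4, 5, 3, 4, 6, 5, 4, 3, 5,
           480, 120, 40, 6, 5, 4, 5, 3]
SAMPLE = [(date(2015, 4, 20) + timedelta(days=i), c)
          for i, c in enumerate(_COUNTS)]

if __name__ == "__main__":
    for day, count, base in find_spikes(SAMPLE):
        print(f"{day}: {count} queries (trailing median {base})")
```

A domain that trips this check and also carries a brand name it does not belong to is worth prioritising for blocking or takedown review.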
