Recently I’ve been asked to design a system to detect phishing attacks for a rather large organization. One of the first things that came to my mind was to contact the anti-phishing organizations to see how I could integrate with their system .
1. Founders, Development and Support
- PishTank is operated by OpenDNS
- APWG apparently is operated on a voluntary base but their Premium and Sponsored Members list is impressive because you can find almost all the big names in security; it’s like a Fortune 100 security directory
2. Services offered
- Phishtank offers free submission (free reg. required) of suspect URLs considered to be phishing sites. They even provide a free API to integrate in your applications. You can add and search for a phishing site right away. Impressive.
- APWG on the other hand offers the possibility to submit emails which are considered phishing emails. And that’s pretty much all that’s offered for free. The most recent publicly available scam email is dated July 4, 2005 , almost 2 years ago. But ! you can go to one of their partners which sells the complete database of 175916 email scams harvestes so far.
So I might be completly off the right foot here, but my guess is that PhishTank is trully a community effort whereas APWG is the product of a huge coallition of security vendors which use the submitted phising data to improve their security tools.
Am I wrong about these assumptions and sould lower the level of paranoia & conspiracy theory?
Which service do you use and where would you submit a piece of phishing evidence ?
Thank you for reading this post. You can now Read Comments (4) or Leave A Trackback. Print This Post
Post InfoThis entry was posted on Thursday, May 17th, 2007 . Tagged with:
Previous Post: Biggest Identity Theft Incidents During May 7 – 15 »
Next Post: Blogging Platforms Vulnerabilities »
Read MoreRelated Reading:
- How to Protect Your Business Network from Phishing Attacks
- Animated Presentation on Sony PSN Hack
- ArcSight Tip #1 – arcsight managersetup notification test
- I’m a CISSP
- Operation:Payback or Social Vendetta is Here
- I got owned by Malware Destructor 2011 Virus
- New Downtime Cost Calculator by Storagepipe.com. What if ?
- Securing Your Network from Web Threats
- My Twitter Notes on 2010-07-25
- New NetWitness Visualize : Welcome To The Future!