[Dshield] Anti-Phishing

Mike Trahar mtrahara at rcn.com
Fri Mar 10 17:58:30 GMT 2006

Hi All,

Just my 0.02 The Netcraft tool bar 
works well for me. I usually at 
least check out the links you guys 
post as safely as I know how. When 
I went to the site in our friend 
webmasters'  post the Tool bar 
warned me not to go there and in 
fact blocked it. (I could have gone 
there anyway but I thought that - 
well maybe not ;,) So for what it's 
worth I agree with Johannes.

Mike Trahar

Johannes B. Ullrich wrote:
> Hash: RIPEMD160
> I am always against anything that may be interpreted as an attack. In
> your case, its probably "ok". And I am aware of a script by the name of
> "phishph*cker" that will do just that: submit random data to the site.
> Remember that many phishing sites are hosted on poorly secured shared
> servers. As a result of your action, you may impact innocent bystanders
> that are hosted on the same system.
> A better course of action:
> Install the netcraft anti-phishing toolbar and report the sites to
> netcraft. Not only will this protect others, but you also have the
> chance to win an ipod ;-)
> Related notes:
> - - shared servers are not suitable for business critical hosting needs.
> They are fine for hobby sites or simple "business card" web sites. But
> they should never be used for online stores and the like.
> - - I am not saying that there is anything ethical/legal wrong with
> submitting fake data to phishing sites. It just "doesn't feel right".
> - - Regarding netcrafts anti-phishing toolbar: It will "report" to
> netcraft what sites you visit, in order to lookup the risk rating for
> this site. Also: it kind of entices you to click on random phishing
> links in order to report them... this may not be a good idea. Still
> waiting for the 0-day browser exploit that comes hidden as a phishing
> email in order to entice security professionals to click on it to report
> the phish to netcraft. You can report the phishing URLs via email as well.
> Jon R. Kibler wrote:
>> Greetings All,
>> What if we were able to make life more miserable for phishers? Would it slow them down or discourage them? 
>> Would it be ethical to do so? Legal?
>> A thought along those lines: There are dozens of programs available that will generate 'legitimate' fake credit card numbers, bank account numbers, etc. There are all sorts of ways to generate lists of names. Use these types of programs to create millions of bogus identities. Then flood the phishing site with so much bogus information that it would become a real chore to sort out the legitimate phish caught from the decoys. To accomplish this would be simple:
>>    1) Visit the phish site and determine the information they are collecting.
>>    2) Write a simple shell script to generate the required bogus data in HTTP POST (or whatever method used) format.
>>    3) Have the shell script submit the bogus data (netcat, etc.) to the phish site one bogus identity at a time.
>> A real dumb phisher may even try to use bogus data and that may be the trigger that gets them caught.
>> Just a thought...
>> Jon Kibler

More information about the list mailing list