-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In message <[email protected] il.com>, Andy Steingruebl <[email protected]> writes >On Sat, Sep 10, 2011 at 11:46 AM, Ian G <[email protected]> wrote: >> >>> 2) Phishing using a similar-looking domain name. >> >> Yes. That's the big one in this space. Afaik. > >I'd be surprised actually.
It's moderately common at the moment for World of Warcraft attacks (and for Habbo, but it's hard to tell what's an attack in that space and what is an unauthorised clone). For everything else it's rather rare... >Most phishing sites are mass-compromises >of other websites, or mass-hosting on funky names/addresses, often >nothing like the site being phished. A huge chunk is on "free webspace" The criminals learnt long ago that no-one can read URLs so provided it says www.bankname.com somewhere in the URL (to the left of the domain name, or to the right of the third /) then it works just fine for them >Look-alike isn't the dominant >trend these days, It hasn't been dominant in the whole period I've been collecting stats and writing papers about them -- which is coming up to 5 years now - -- Dr Richard Clayton <[email protected]> tel: 01223 763570, mobile: 07887 794090 Computer Laboratory, University of Cambridge, CB3 0FD -----BEGIN PGP SIGNATURE----- Version: PGPsdk version 1.7.1 iQA/AwUBTmwDUuINNVchEYfiEQL0IACeI9UqWsVsIsqNgbOJ5idD8ZLGbJIAn1qD yQ8/G9ygMgy8ih1b/OD/rrTB =b4Lr -----END PGP SIGNATURE----- _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
