Skip to main content
SpringerLink
Log in

On the Effectiveness of Techniques to Detect Phishing Sites

  • Conference paper
Book cover Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA 2007)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 4579))

Abstract

Phishing is an electronic online identity theft in which the attackers use a combination of social engineering and web site spoofing techniques to trick a user into revealing confidential information. This information is typically used to make an illegal economic profit (e.g., by online banking transactions, purchase of goods using stolen credentials, etc.). Although simple, phishing attacks are remarkably effective. As a result, the numbers of successful phishing attacks have been continuously increasing and many anti-phishing solutions have been proposed. One popular and widely-deployed solution is the integration of blacklist-based anti-phishing techniques into browsers. However, it is currently unclear how effective such blacklisting approaches are in mitigating phishing attacks in real-life. In this paper, we report our findings on analyzing the effectiveness of two popular anti-phishing solutions. Over a period of three weeks, we automatically tested the effectiveness of the blacklists maintained by Google and Microsoft with 10,000 phishing URLs. Furthermore, by analyzing a large number of phishing pages, we explored the existence of page properties that can be used to identify phishing pages.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Firefox 2.0.0.1 Phishing Protection Bypass (2007), https://bugzilla.mozilla.org/show_bug.cgi?id=367538

  2. Anti-Phishing Working Group (APWG). APWG Homepage (2007), http://www.antiphishing.org/

  3. Chou, N., Ledesma, R., Teraguchi, Y., Boneh, D., Mitchell, J.: Client-side defense against web-based identity theft. In: 11th Annual Network and Distributed System Security Symposium (NDSS 2004), San Diego (2005)

    Google Scholar 

  4. Utter, D.: Sites Want To Hook And Gut Phishers (2006), http://www.securitypronews.com/insiderreports/insider/spn-49-20061114SitesWantToHookAndGutPhishers.html

  5. Dhamija, R., Tygar, J.D.: The battle against phishing: Dynamic security skins. In: Proceedings of the 2005 symposium on Usable privacy and security, pp. 77–88. ACM Press, New York (2005)

    Chapter  Google Scholar 

  6. Dhamija, R., Tygar, J.D., Hearst, M.: Why Phishing Works. In: Proceedings of the Conference on Human Factors In Computing Systems (CHI) 2006, Montreal, Canada, ACM Press, New York (2006)

    Google Scholar 

  7. eBay. eBay tool bar (2007), http://pages.ebay.com/ebaytoolbar/

  8. Gartner Press Release. Gartner Says Number of Phishing E-Mails Sent to U.S. Adults Nearly Doubles in Just Two Years (2006), http://www.gartner.com/it/page.jsp?id=498245

  9. Google. Google Toolbar for Firefox (2006), http://www.google.com/tools/firefox/toolbar/FT3/intl/en/

  10. Google. Google Whitelist (2007), http://sb.google.com/safebrowsing/update?version=goog-white-domain:1:-1

  11. Kirda, E., Kruegel, C.: Protecting Users against Phishing Attacks. The Computer Journal  (2006)

    Google Scholar 

  12. McAfee. McAfee SiteAdvisor (2007), http://www.siteadvisor.com

  13. Sutton, M.: A Tour of the Google Blacklist (2007), http://portal.spidynamics.com/blogs/msutton/archive/2007/01/04/A-Tour-of-theGoogle-Blacklist.aspx

  14. Microsoft. Microsoft Internet Explorer Privacy Statement (2006), http://www.microsoft.com/windows/ie/ie7/privacy/ieprivacy_7.mspx

  15. Microsoft. Phishing Filter FAQ (2007), https://phishingfilter.microsoft.com/faq.aspx

  16. Microsoft. Sender ID Home Page (2007), http://www.microsoft.com/mscorp/safety/technologies/senderid/default.mspx

  17. Mozilla. Firefox 2 Phishing Protection Effectiveness Testing (2006), http://www.mozilla.org/security/phishing-test.html

  18. NetCraft. Netcraft anti-phishing tool bar (2007), http://toolbar.netcraft.com

  19. Robichaux, P., Phishing, G.: Evaluating Anti-Phishing Tools for Windows (2006), http://www.3sharp.com/projects/antiphishing/gone-phishing.pdf

  20. Phishtank. Phishtank feed: validated and online (2007) http://data.phishtank.com/data/online-valid/index.xml

  21. Provos, N.: Phishing Protection: Server Spec: Lookup Requests (2007) http://wiki.mozilla.org/Phishing_Protection:_Server_Spec#Lookup_Requests

  22. Quinlan, R.: C4.5: Programs for Machine Learning. Morgan Kaufmann, San Francisco (1993)

    Google Scholar 

  23. Ross, B., Jackson, C., Miyake, N., Boneh, D., Mitchell, J.C.: A Browser Plug-In Solution to the Unique Password Problem (2005), http://crypto.stanford.edu/PwdHash/

  24. Ross, B., Jackson, C., Miyake, N., Boneh, D., Mitchell, J.C.: Stronger Password Authentication Using Browser Extensions. In: 14th Usenix Security Symposium (2005)

    Google Scholar 

  25. Schneider, F., Provos, N., Moll, R., Chew, M., Rakowski, B.: Phishing Protection Design Documentation (2007), http://wiki.mozilla.org/Phishing_Protection:_Design_Documentation

  26. SpoofGuard. Client-side defense against web-based identity theft (2005), http://crypto.stanford.edu/SpoofGuard/

  27. Sharif, T.: IE Blog: Phishing Filter (2005), http://blogs.msdn.com/ie/archive/2005/09/09/463204.aspx

  28. Verisign. Anti-Phishing Solution (2005), http://www.verisign.com/verisign-business-solutions/anti-phishing-solut%ions/

  29. W3C. IEBlog:IE7 Phishing Filter Performance Update is Now Available (2007), http://blogs.msdn.com/ie/archive/2007/01/31/ie7-phishing-filter-perform%ance-update-is-now-available.aspx

  30. Wenyin, L., Huang, G., Xiaoyue, L., Min, Z., Deng, X.: Detection of phishing webpages based on visual similarity. In: 14th International Conference on World Wide Web (WWW): Special Interest Tracks and Posters (2005)

    Google Scholar 

  31. Witten, I.H., Frank, E.: Data Mining: Practical machine learning tools and techniques, 2nd edn. Morgan Kaufmann, San Francisco (2005)

    MATH  Google Scholar 

  32. Yahoo. Yahoo! AntiSpam Resource Center (2007), http://antispam.yahoo.com/domainkeys

  33. Zhang, Y., Egelman, S., Cranor, L., Hong, J.: Phinding Phish: Evaluating Anti-Phishing Tools. In: Network and IT Security Conference: NDSS 2007, San Diego, California (2007)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Secure Systems Lab, Technical University Vienna,  

    Christian Ludl, Sean McAllister, Engin Kirda & Christopher Kruegel

Authors
  1. Christian Ludl
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sean McAllister
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Engin Kirda
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Christopher Kruegel
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Bernhard M. Hämmerli Robin Sommer

Rights and permissions

Reprints and permissions

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Ludl, C., McAllister, S., Kirda, E., Kruegel, C. (2007). On the Effectiveness of Techniques to Detect Phishing Sites. In: M. Hämmerli, B., Sommer, R. (eds) Detection of Intrusions and Malware, and Vulnerability Assessment. DIMVA 2007. Lecture Notes in Computer Science, vol 4579. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-73614-1_2

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-73614-1_2

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-73613-4

  • Online ISBN: 978-3-540-73614-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation