Google Blacklist Reveals Techniques of Bogus Sites

An assessment of Google's blacklist of doubtful phishing sites showed that PayPal, eBay and Bank of America make for 63 percent of the total probable scam sites.

Law enforcement agencies define phishing as the criminal practice of scamming or extorting out valuable and confidential information from people. Such information relate to usernames, e-mail passwords, passwords of government officials, bank account details, credit card information and so on. The scammers send out messages in the name of popular enterprises such as eBay, financial institutions and also government agencies to trick people into divulging their private information.

Google's blacklist has a fair number of spoof websites that Yahoo hosts. Security researcher Michael Sutton discovered that these sites try to fool surfers into declaring their Yahoo login particulars. Anti-phishing technology within the Firefox 2 browser uses information from that list. So does Google Toolbar for Firefox.

Sutton also discovered that 83 percent of the sites from the list no longer exist. phishing websites yield very fast turnover as akin to their nature. However, initiatives such as Google blacklist definitely assist CERTs and other protectors of Internet to detect and eliminate bogus websites more easily and quickly.

A majority of the websites detailed in the list takes help of social engineering tactics. Spam mails encouraging these sites that often pretend to be security verifiers from known online firms, attempt to dupe users into surrendering their login credentials. Michael Sutton, however, found that there were few websites that used software flaws to seize passwords from users.

Sutton further said that this week his team got notice through a 'full disclosure mailing list' that Google's blacklist unwarily included usernames and passwords. Google has rectified the problem, although it did not respond to Sutton's queries about this issue. Sutton's group guesses that such data was swiped from users' computers through keylogging Trojans. These trojans post the captured results on the Net so that hackers can subsequently dig them out.

As phishers are more equipped to harvest public information, phishing attacks will become more widespread. Moreover, these personalized attacks will be even more dangerous than those prevailing at present.

Related article: Google Rectifies Gmail flaw in Three Days

» SPAMfighter News - 1/10/2007