Comments on: Bad Sushi: Beating Phishers at their own Game

By: Dangeorous Online Behaviour

Dangeorous Online Behaviour — Mon, 12 Oct 2009 00:00:03 +0000

[...] links from untrusted sources is never good was demonstrated in Billy Rios and Nitesh Dhanjani, Bad Sushi talk. In their presentation they described sending phishers a word document stating their account [...]

By: What Motivates Hackers? « Miscellaneous Security

What Motivates Hackers? « Miscellaneous Security — Thu, 09 Jul 2009 00:44:22 +0000

[...] Personally Identifiable Information (PII). Some researchers, such as Rios and Dhanjani, have done research into this [...]

By: What Motivates Hackers? Why, Money of Course. « Miscellaneous Security

What Motivates Hackers? Why, Money of Course. « Miscellaneous Security — Tue, 07 Jul 2009 21:02:59 +0000

[...] Personally Identifiable Information (PII). Some researchers, such as Rios and Dhanjani, have done research into this [...]

By: Don’t Click That Link! « Miscellaneous Security

Don’t Click That Link! « Miscellaneous Security — Tue, 07 Jul 2009 19:42:26 +0000

By: kfritz

kfritz — Tue, 16 Dec 2008 16:56:39 +0000

Hello Billy Rios:

Would it be accurate to assert that the current volume of Phishing would not be as high without the current ‘business model’ of open forums providing quality malware to the ‘foot soldiers’ who do the day to day work of harvesting and utilizing data?

By: Mike

Mike — Sun, 03 Aug 2008 19:23:21 +0000

Here’s an interesting idea. If it’s that easy to get a hold of PII on these forums, it seems like the logical next step would be for the authorities to start contacting these people. The could let them know that their identities are at risk, and they should cancel or reissue their credit cards, and additionally, send them some information on how to avoid phishing scams in the future. These would severely limit the value of the information by time it was used by someone. Or, is it too late by time their info is on the forum?

By: IE8 SmartScreen Filter: Security Part - 3 » D' Technology Weblog: Technology, Blogging, Tips, Tricks, Computer, Hardware, Software, Tutorials, Internet, Web, Gadgets, Fashion, LifeStyle, Entertainment, News and more by Deepak Gupta.

Thu, 03 Jul 2008 09:27:55 +0000

[...] spam I receive, a significant number of messages represent phishing attacks. Most of these lures aren’t very clever or convincing, but phishing has become a simple numbers game—hosting phishing sites is cheap, [...]

By: krasn

krasn — Sun, 24 Feb 2008 09:27:02 +0000

I’ve done the same procedure, tracked down Nigeria phishers, they were pasting even credit cards amounts when there was a fair amount into them, i’ve seen more than 250k in accounts. They are using rfi scanbots installed in hacked servers and mass mailer scripts.
I stopped too way too many information to keep on and they seem to be doing their “job” all day long.

By: inawe

inawe — Sat, 02 Feb 2008 21:28:41 +0000

….you guys are crazy….

I’m continually impressed by your ingenuity and skills….

By: Ixian

Ixian — Wed, 30 Jan 2008 19:54:25 +0000

It’s quite interesting that the phishing underground world has changed so much. At first it took a skilled person and a lot of luck to pull off a phish, now there are kits that let anyone pull off one. They don’t even need to know what the code does, and from the fact that they’re getting phished themselves, probably many of them don’t know what the code does at all. In retrospect it seems obvious that kits would be made that let anyone do this, but it was kind of unexpected to hear at first.