{"title":"通过表单进行网络钓鱼:滥用表单网站","authors":"Hugo Gonzalez-Robledo, K. Nance, Jose Nazario","doi":"10.1109/MALWARE.2011.6112332","DOIUrl":null,"url":null,"abstract":"The evolution of phishing methods has resulted in a plethora of new tools and techniques to coerce users into providing credentials, generally for nefarious purposes. This paper discusses the relatively recent emergence of an evolutionary phishing technique called phishing by form that relies on the abuse of online forms to elicit information from the target population. We evaluate a phishing corpus of emails and over a year's worth of phishing URLs to investigate the methodology, history, spread, origins, and life cycle as well as identifying directions for future research in this area. Our analysis finds that these hosted sites represent less than 1% of all phishing URLs, appear to have shorter active lifetimes, and focus mainly on email account credential theft. We also provide defensive recommendations for these free application sites and users.","PeriodicalId":375300,"journal":{"name":"2011 6th International Conference on Malicious and Unwanted Software","volume":"31 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-10-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"Phishing by form: The abuse of form sites\",\"authors\":\"Hugo Gonzalez-Robledo, K. Nance, Jose Nazario\",\"doi\":\"10.1109/MALWARE.2011.6112332\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The evolution of phishing methods has resulted in a plethora of new tools and techniques to coerce users into providing credentials, generally for nefarious purposes. This paper discusses the relatively recent emergence of an evolutionary phishing technique called phishing by form that relies on the abuse of online forms to elicit information from the target population. We evaluate a phishing corpus of emails and over a year's worth of phishing URLs to investigate the methodology, history, spread, origins, and life cycle as well as identifying directions for future research in this area. Our analysis finds that these hosted sites represent less than 1% of all phishing URLs, appear to have shorter active lifetimes, and focus mainly on email account credential theft. We also provide defensive recommendations for these free application sites and users.\",\"PeriodicalId\":375300,\"journal\":{\"name\":\"2011 6th International Conference on Malicious and Unwanted Software\",\"volume\":\"31 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2011-10-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2011 6th International Conference on Malicious and Unwanted Software\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/MALWARE.2011.6112332\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2011 6th International Conference on Malicious and Unwanted Software","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/MALWARE.2011.6112332","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
The evolution of phishing methods has resulted in a plethora of new tools and techniques to coerce users into providing credentials, generally for nefarious purposes. This paper discusses the relatively recent emergence of an evolutionary phishing technique called phishing by form that relies on the abuse of online forms to elicit information from the target population. We evaluate a phishing corpus of emails and over a year's worth of phishing URLs to investigate the methodology, history, spread, origins, and life cycle as well as identifying directions for future research in this area. Our analysis finds that these hosted sites represent less than 1% of all phishing URLs, appear to have shorter active lifetimes, and focus mainly on email account credential theft. We also provide defensive recommendations for these free application sites and users.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
