International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Paper: Distributed Phishing Attacks

Authors:
Markus Jakobsson
Adam Young
Download:
URL: http://eprint.iacr.org/2005/091
Search ePrint
Search Google
Abstract: We identify and describe a new type of phishing attack that circumvents what is probably today's most efficient defense mechanism in the war against phishing, namely the shutting down of sites run by the phisher. This attack is carried out using what we call a distributed phishing attack (DPA). The attack works by a per-victim personalization of the location of sites collecting credentials and a covert transmission of credentials to a hidden coordination center run by the phisher. We show how our attack can be simply and efficiently implemented and how it can increase the success rate of attacks while at the same time concealing the tracks of the phisher. We briefly describe a technique that may be helpful to combat DPAs.
BibTeX
@misc{eprint-2005-12428,
  title={Distributed Phishing Attacks},
  booktitle={IACR Eprint archive},
  keywords={applications / Covert channels, distributed attacks, phishing, social engineering, security},
  url={http://eprint.iacr.org/2005/091},
  note={in submission markus@indiana.edu 12867 received 25 Mar 2005},
  author={Markus Jakobsson and Adam Young},
  year=2005
}