International Association for Cryptologic Research

International Association
for Cryptologic Research


Paper: Distributed Phishing Attacks

Markus Jakobsson
Adam Young
Search ePrint
Search Google
Abstract: We identify and describe a new type of phishing attack that circumvents what is probably today's most efficient defense mechanism in the war against phishing, namely the shutting down of sites run by the phisher. This attack is carried out using what we call a distributed phishing attack (DPA). The attack works by a per-victim personalization of the location of sites collecting credentials and a covert transmission of credentials to a hidden coordination center run by the phisher. We show how our attack can be simply and efficiently implemented and how it can increase the success rate of attacks while at the same time concealing the tracks of the phisher. We briefly describe a technique that may be helpful to combat DPAs.
  title={Distributed Phishing Attacks},
  booktitle={IACR Eprint archive},
  keywords={applications / Covert channels, distributed attacks, phishing, social engineering, security},
  note={in submission 12867 received 25 Mar 2005},
  author={Markus Jakobsson and Adam Young},