Conference paper Open Access

PhishEye: Live Monitoring of Sandboxed Phishing Kits

Han, Xiao; Kheir, Nizar; Balzarotti, Davide

Phishing is a form of online identity theft that deceives unaware users into disclosing their con dential information.
While signi cant e ort has been devoted to the mitigation of phishing attacks, much less is known about the entire
life-cycle of these attacks in the wild, which constitutes, however, a main step toward devising comprehensive anti-
phishing techniques. In this paper, we present a novel approach to sandbox live phishing kits that completely protects
the privacy of victims. By using this technique, we perform a comprehensive real-world assessment of phishing attacks,
their mechanisms, and the behavior of the criminals, their victims, and the security community involved in the process
{ based on data collected over a period of ve months. Our infrastructure allowed us to draw the rst comprehensive picture of a phishing attack, from the time in which the attacker installs and tests the phishing pages on a compromised host, until the last interaction with real victims and with security researchers. Our study presents accurate measurements of the duration and e ectiveness of this popular threat, and discusses many new and interesting aspects we observed by monitoring hundreds of phishing campaigns.

Files (503.2 kB)
Name Size
PhishEye-live-monitoring-sandboxed-phishing-kits.pdf
md5:9b5688a8c38d6c622a4c7d0a28ecb06b
503.2 kB Download
13
113
views
downloads
All versions This version
Views 1313
Downloads 113113
Data volume 56.9 MB56.9 MB
Unique views 1313
Unique downloads 112112

Share

Cite as