Conference paper Open Access

PhishEye: Live Monitoring of Sandboxed Phishing Kits

Han, Xiao; Kheir, Nizar; Balzarotti, Davide

Phishing is a form of online identity theft that deceives unaware users into disclosing their con dential information.
While signi cant e ort has been devoted to the mitigation of phishing attacks, much less is known about the entire
life-cycle of these attacks in the wild, which constitutes, however, a main step toward devising comprehensive anti-
phishing techniques. In this paper, we present a novel approach to sandbox live phishing kits that completely protects
the privacy of victims. By using this technique, we perform a comprehensive real-world assessment of phishing attacks,
their mechanisms, and the behavior of the criminals, their victims, and the security community involved in the process
{ based on data collected over a period of ve months. Our infrastructure allowed us to draw the rst comprehensive picture of a phishing attack, from the time in which the attacker installs and tests the phishing pages on a compromised host, until the last interaction with real victims and with security researchers. Our study presents accurate measurements of the duration and e ectiveness of this popular threat, and discusses many new and interesting aspects we observed by monitoring hundreds of phishing campaigns.

Files (503.2 kB)
Name Size
503.2 kB Download
All versions This version
Views 115115
Downloads 531531
Data volume 267.2 MB267.2 MB
Unique views 114114
Unique downloads 528528


Cite as