I have found an email to the hosting company to be very successful, even in other countries.

On Dec 12, 2012 7:14 PM, "allison nixon" <[email protected]> wrote:
> As a web app developer, I'm not sure how your responsibilities would apply
> to dealing with phishing sites. Are you maintaining a website and people
> are creating phishing sites mimicking yours? If so, pls read the following
> wikipedia entry:
> http://en.wikipedia.org/wiki/Backscatter_(email)
>
> also, phishers typically dump people onto the real website after they have
> fallen for the scam so it would be wise to locate some of the phishing
> pages imitating your site, "falling" for the scam yourself, and looking at
> the pattern of traffic that ends up going to your site. Other IPs with the
> same pattern of traffic could have their accounts compromised. Finally,
> once you've found the site, you could file dmca complaints, and you would
> have good standing to do so, but it probably wouldn't help you anyways.
> Phishing websites are disposable. I have seen people attempt to fill in
> the phishing site with lots and lots of garbage info to make the operation
> unprofitable, as well as locating the caches of stolen credentials on the
> server, but that begins to fall into a very grey area and you can make your
> own decisions on the matter. You could also create fake accounts and enter
> them into known phishing sites, and track the activity of any IP that
> attempts to log into those accounts. Typically the attacker attempts to
> log in with many usernames from its stolen credential cache, and you might
> even want to lower your login security to allow for many different logins
> from one IP, so they don't need to recycle IPs and are easier to track.
>
> Of course, do what makes sense for your situation.
>
> -Allison Nixon
>
> On Wed, Dec 12, 2012 at 1:25 PM, xgermx <[email protected]> wrote:
>
>> Check for encoded javascript/php, check any redirects, check for any 1x1
>> iframes, etc
>> wget/curl scripting can really do a lot for you and if you want to roll
>> up your scripting sleeves, you can leverage the VirusTotal API.
>> https://www.virustotal.com/documentation/public-api
>>
>>
>> On Wed, Dec 12, 2012 at 8:43 AM, Brian Erdelyi
>> <[email protected]> wrote:
>>
>>> Good morning everyone,
>>>
>>> I'd like to create a guide and checklist for detecting phishing attacks.
>>> I want to focus on server side. What can a website admin do to detect
>>> phishing attacks and spoofed websites? What can a web app developer do to
>>> make it easier to detect phishing attacks and spoofed websites?
>>>
>>> Brian
>>>
>>> Sent from my iPhone
>>> _______________________________________________
>>> Pauldotcom mailing list
>>> [email protected]
>>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
>>> Main Web Site: http://pauldotcom.com
>>>
>>
>
> --
> _________________________________
> Note to self: Pillage BEFORE burning.
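The decoy-account tracking suggested in the quoted message above, sketched as an added example that is not part of the original thread: it flags every IP that tries a decoy login and lists the real accounts that same IP touched. The log format, the decoy usernames and the sample lines are constructed assumptions.

```python
import re

# Assumption: decoy usernames that were only ever typed into phishing pages.
CANARY_ACCOUNTS = {"canary.jsmith", "canary.mlopez"}

# Assumption: constructed log format, one login attempt per line.
LINE_RE = re.compile(r"^(\S+) login user=(\S+) ip=(\S+) result=(ok|fail)$")

# Constructed sample data (documentation IP ranges, invented usernames).
SAMPLE_LOG = """\
2012-12-12T09:00:01Z login user=alice ip=198.51.100.7 result=ok
2012-12-12T09:05:10Z login user=bob ip=203.0.113.50 result=ok
2012-12-12T09:05:12Z login user=canary.jsmith ip=203.0.113.50 result=fail
2012-12-12T09:05:15Z login user=carol ip=203.0.113.50 result=fail
2012-12-12T09:07:40Z login user=dave ip=198.51.100.7 result=fail
2012-12-12T09:09:02Z login user=canary.mlopez ip=203.0.113.99 result=fail
"""


def parse(log_text):
    """Yield (timestamp, user, ip, result) for each well-formed line."""
    for line in log_text.splitlines():
        match = LINE_RE.match(line.strip())
        if match:
            yield match.groups()


def analyze(log_text, canaries=CANARY_ACCOUNTS):
    """Map each IP that tried a decoy account to the real accounts it touched."""
    events = list(parse(log_text))
    # Pass 1: under the assumption above, a decoy login means phished data.
    tainted = {ip for _, user, ip, _ in events if user in canaries}
    report = {ip: {"attempted": set(), "compromised": set()} for ip in tainted}
    # Pass 2: collect real accounts from those IPs, including attempts made
    # before the decoy itself was tried.
    for _, user, ip, result in events:
        if ip in tainted and user not in canaries:
            report[ip]["attempted"].add(user)
            if result == "ok":  # successful login: treat as likely compromised
                report[ip]["compromised"].add(user)
    return {ip: {k: sorted(v) for k, v in d.items()} for ip, d in report.items()}


if __name__ == "__main__":
    for ip, found in sorted(analyze(SAMPLE_LOG).items()):
        print(ip, found)
```

An IP shared by legitimate users (NAT or a proxy) will also show up here, so the "attempted" list is a set of accounts to review rather than a verdict.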
