PhishTank is operated by OpenDNS, a free service that makes your Internet safer, faster, and smarter.

When the community doesn’t reach a consensus

posted by John Roberts on October 10th, 2006 in Community, PhishTank, Voting

We set up community voting at PhishTank because we think multiple insights make for a better community judgment. This is similar to “Linus’s Law,” as formulated by Eric Raymond: “Given enough eyeballs, all bugs are shallow.”

We’re not the first to re-word that concept, but here’s the PhishTank version:

Given enough eyeballs, all phishes can be identified.

In a related post, Jeff Veen wrote about bloggers and the media and ways of reacting to changing forces:

Or will [organizations] find inspiration in, say, the Digg model, harnessing countless tiny points of participation to harness the collective intelligence of their audience and feeding it back into their product?

PhishTank is certainly about collective intelligence.

But sometimes it’s not that easy. Intelligent people can disagree!

Suspected phish ID 11983 is the first really challenging submission, where the community has not reached consensus yet despite over a week of vigorous voting. As we approach midnight UTC on Tuesday, October 10, this submission has over 315 votes, and it’s nearly 50-50 as to whether this is a phish or not. (Note: The # of votes is never shown publicly to non-admins.)

To me, this is not a phish, and I voted that way. My thinking? The URL is greatstudentloanpayoff.com, and when you get there… it’s for Great Student Loan Payoff. This looks less than beneficial, and I’m not going to give my information, but there is no attempt to pretend to be something other than what it is: an attempt to legally get your Social Security Number and permission to email you marketing messages.

My take? Don’t do it. But it’s not a phish.

For the terminally undecided among you, we have some site changes now live which I’ll talk about in a separate post shortly. While you wait for those words, go ahead and vote.

10 Responses to “When the community doesn’t reach a consensus”

  1. Tim Wilde says:

    I wonder if more context might help in a situation like this – what did the e-mail that the link was contained in look like? You’ve said you might be providing this information in past postings, and this would be a case that I think argues for it. If the e-mail is consistent with the URL itself and the web site, then I’d agree (and in fact that confirms what I voted), not a phish. But if the e-mail were to claim to be from someone other than this third party (such as if it claimed to be from the actual servicer of an individual’s student loan(s)), that might make it cross the line into “this is a phish” territory.

  2. someone1234 says:

    Yeah, it took me some time to vote on that one. I voted phish only because the target audience are students.
    So, yeah, I slightly bent the rules.

  3. Blain says:

    Unfortunately, the reliability of this system suffers when the rules get bent. This is not the place to solve all the problems on the net — this is a place to identify phishing schemes. If it can do that reliably, then it will have value and will help make things better, and that’s a good thing.

    Taking time to figure out if a non-phish thing is a good thing or a bad thing, and, if it’s a bad thing, to identify it as phish when it isn’t, doesn’t really help anything IMO. It’s going to be a period of time before anybody’s going to be able to figure out how to use this data to actually impact the amount of phishing going on and the harm that it’s doing to people. Let’s not push that date back by giving reasons to doubt the reliability of the service. The concern about false-positive is something that should concern everybody — one false-positive is much more dangerous than 100 false-negatives.

  4. astrogeek says:

    Maybe this is a good case for a 3rd option – “Is Spam”. It is outside the scope of this project directly, but there are a number of posts that have come across that are 100% spam. Of course, by definition if it’s spam it’s not a phish, which is what I voted. It’s marketing, pure and simple (heaven help you if you click it).

  5. Benz says:

    Fuggedaboudit! I ain’t about to give out all my personal info to nobody! So what more does this no morals of a website want from a poor unsuspecting student? Geez! Go to a reliable source for the cash. Then, face to face, the loan officer will take down all the info they may need to make the loan. Not some jerk on the net who most likely doesn’t arrange loans anyhow. They should be viewed as phish for their approach and what they’re up to. Avoid them like the plague!

  6. Ilgaz says:

    Benz, it is not a “phish” by definition, it is a scam.

    Phish means like, a legit looking mail from a respected organisation such as bank.

    You should check http://www.fraudwatchinternational.com, they are interested in scams.

  7. Dougie Lawson says:

    It’s a lottery. Everyone gets a dollar. Everyone gets a salesman trying to sell a student loan consolidation loan. Someone gets a hundred grand. It’s sitting on a https site with a valid certificate issued by Verisign. It may not be wise to divulge all that personal data, but it’s not phishing. I voted “not a phish”.

    My definition of phishing being a site that purports to be a legitimate bank or financial institution for the purpose of stealing your credentials for that bank or financial institution.

    Perhaps someone needs to report this to your Federal Trade Commission.
    https://rn.ftc.gov/pls/dod/wsolcq$.startup?Z_ORG_CODE=PU01

    If this was in the United Kingdom I’d report this to the Financial Services Authority.

  8. jaded says:

    It’s not a phish. It may be a spam, it may be a scam, it may be legitimate, but the one thing it’s not is a phish. It might help if there were voting options for “spam” or “scam”. That way people who don’t like the content can label it as such, just not as a phish.

    One of the things I do for every submission is compare the URL to the site’s name. If it looks like it might be legit, I google for the company. I just had one for Five Thirds Bank and the URL was something like http://administrator-53.com. When I googled for “five thirds bank”, google instead took me to http://www.53.com. That page looked exactly like the phish, so I knew it was a phish.

    In this case I googled for “great student loan payoff” and this URL was google’s answer. Therefore this site is not a phish.
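
The URL-versus-brand comparison described in the comment above, as an added example that is not part of the original post or PhishTank's own code. The `OFFICIAL_DOMAINS` table is a constructed stand-in for the manual search step, and the function names are hypothetical.

```python
from urllib.parse import urlsplit

# Constructed lookup standing in for "search for the company name":
# brand as shown on the page -> domain the search led to (values from the comment).
OFFICIAL_DOMAINS = {
    "five thirds bank": "53.com",
    "great student loan payoff": "greatstudentloanpayoff.com",
}


def hostname_of(url):
    """Return the lowercase host a browser would actually connect to, or None."""
    parts = urlsplit(url if "://" in url else "http://" + url)
    host = parts.hostname  # excludes any "user@" prefix and the port
    return host.rstrip(".") if host else None


def classify(claimed_brand, url):
    """Compare a submitted URL's host with the brand's known domain.

    "matches-brand"  : host is the known domain or a subdomain of it
    "brand-mismatch" : page presents as the brand but is hosted elsewhere
    "unknown-brand"  : nothing to compare against; needs a human look
    """
    official = OFFICIAL_DOMAINS.get(claimed_brand.strip().lower())
    host = hostname_of(url)
    if official is None or host is None:
        return "unknown-brand"
    # Match on a label boundary so "administrator-53.com" or
    # "53.com.administrator-53.com" never counts as "53.com".
    if host == official or host.endswith("." + official):
        return "matches-brand"
    return "brand-mismatch"


if __name__ == "__main__":
    # Constructed submissions built from the two cases in the comment.
    submissions = [
        ("Five Thirds Bank", "http://administrator-53.com"),
        ("Five Thirds Bank", "http://www.53.com"),
        ("Great Student Loan Payoff", "greatstudentloanpayoff.com"),
    ]
    for brand, url in submissions:
        print(f"{classify(brand, url):15} {brand!r} at {url}")
```

A "matches-brand" result only says the site is not impersonating someone else, which is the distinction the comment draws; it says nothing about whether the site is spam or a scam.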

  9. micha says:

    This page surely is scam but –> NOT asking for any password. For me, the definition of “phishing” is still close to “password fishing”. Thus, of course voted NOT a phish :D

  10. MASA says:

    It has to be a phish, see how it is asking for your SS number?

    That’s like asking for your CC # but worse.
