14 percent of phishing scams may be successful, says IU
posted by Allison on October 19th, 2006 in PhishTank, Phishing news, Data
The phish fighters at Indiana University’s School of Informatics today released the findings of a study [PDF] that evaluates the success rate of various types of phishing scams. The study, titled “Designing Ethical Phishing Experiments: A study of (ROT13) rOnl query features,” was also covered by Network World.
The researchers simulated a phishing attack by sending out bogus e-mails claiming to be from eBay and including what looked like a link to eBay. When all was said and done, 14 percent of the e-mail recipients clicked the link, suggesting that one in six people who receive phishing e-mails visit the phishing site.
I commend IU for exposing that maybe phishing is a bigger problem than people realize.


Terry (clubjuggle)
Thanks for posting this. What’s most troubling to me is that this is the percentage of users who respond within the first 24 hours. I’m finding that in many cases an entry seems to take longer than that to get validated. This suggests that by the time an entry gets validated, most of the damage might already be done. If that’s truly the case, then we need to find ways to speed up the process, and part of that might be reducing the lag time between when an entry is submitted and when it hits the queue.
— posted by Terry (clubjuggle) on October 20th, 2006 at 12:02 am
Moike
Along the lines of Terry’s concern: some entries have had voting disabled as being offline, despite coming up in a browser and still being spammed out. For example:
http://www.phishtank.com/phish_detail.php?phish_id=19663
Obviously ‘meanoldmen.dk’ is too lazy to be bothered with a takedown despite also having a report via Spamcop. That URL will never be included in SURBL.
— posted by Moike on October 20th, 2006 at 3:00 am
priruss
The threadline/premise of this entry is flawed from the get-go. Simply clicking on a phishing link to test it for viability (as I routinely do before reporting the link to the authorities) does not mean that the phish was “successful”.
— posted by priruss on October 20th, 2006 at 4:48 am
Bill Gram-Reefer
InternetPerils exposes phishing cluster at German ISP
http://www.internetperils.com/perilwatch/20060928.php
— posted by Bill Gram-Reefer on October 20th, 2006 at 6:26 pm
Terry (clubjuggle)
priruss, I encourage you to read the study. It looked not only at whether the individuals clicked the links, but whether they provided sensitive information after doing so.
— posted by Terry (clubjuggle) on October 20th, 2006 at 6:52 pm
micha
@ Moike
Exactly. Besides the fact that it takes too much time for some (very) obvious positive URLs to finally get tagged valid, the same counts for trolls (KackMoKid, jkrieger3, bluedevil …), which results in a waste of _very_ valuable resources.
@Terry
If you by any chance have spotted the log files of login attempts, which are saved at some phish locations …
They show that some people even try to log in twice (with the same username and password) because they must think they mistyped the first time :-/
Much to do.
Regards,
Micha
[KL Japan]
— posted by micha on October 21st, 2006 at 6:32 am
Bota
Heck, I click on ALL of them! It doesn’t mean I’ve been fooled.
— posted by Bota on November 2nd, 2006 at 10:04 pm