PhishTank in the News: June 12, 2007
posted by Allison on June 12th, 2007 in PhishTank, Community, PhishTank in the news
The press spotlight is shining squarely on PhishTank. 
Computing, a high-profile tech magazine in the UK, covered the recent findings of Cambridge University researchers, who used PhishTank data to analyze Rock Phish. PhishTank is referred to as “the largest online clearing house of phishing data.”
Back State-side, Brian Krebs of the Washington Post does his own piece on Rock Phish and uses a nifty screenshot from PhishTank to demonstrate Rock Phish submissions.
Congrats to the entire community on all the great attention.
Follow responses to this post through the RSS 2.0 feed.
Leave a response below, or send a trackback from your own site.
Leave a response below, or send a trackback from your own site.
Mads Dam
I was going to take closer look at
http://ksjab.hk/?338ee7c634591933434671c16
before voting, but this text appeared insted of the screenshot:
“This phishing site is known to contain a virus or browser exploit.
In this case we recommend you base your decision on the screenshot provided by PhishTank (if available) and/or the technical details. If you wish to continue, please insure you are using the last version of your computer’s operating system with all recent patches and upgrades applied, as well as the latest version available of your web browser. Last Scanned: Nov 30th 1999″
I don’t doubt the first part of the text, but the end made me wonder:
Do you really mean 1999? It does look like an error to me…
PS: How do I contact phishtank? I looked in vain for ‘contact’ in the menu.
This blog seems to be the only possibility, or am I wrong..?
— posted by Mads Dam on June 24th, 2007 at 11:46 pm
Adam
http://www.phishtank.com/contact.php at the bottom of every phishtank page
As far as that “last scanned” date….no idea, Im betting it’s a typo. Someone brought it up on the mailing list too, but dont think there was every an official response “why” hehe.
— posted by Adam on July 26th, 2007 at 4:43 pm
Stuart Gathman
I have been having trouble submitting phishes via email. I bounce them to my coded phishtank email. Up through Jul 9, the problem was that the wrong URL (i.e. the legit URL) was extracted from the phish, not the one the user is invited to click on - this resulted in many valid phishes getting voted invalid (because the URL shown them was legit). Since Jul 9, all my submissions are getting rejected as spam. The last example is:
—————-
Date: Tue, 31 Jul 2007 06:58:04 -0500
From: PayPal Inc.
Subject: your paypal account need to be updated!
[ The following text is in the “Windows-1251″ character set. ]
[ Your display is set for the “ISO-8859-1″ character set. ]
[ Some characters may be displayed incorrectly. ]
Dear PayPal Member,
Your account has been randomly flagged in our system as a part of our
routine security measures. This is a must to ensure that only you have
access and use of your Paypal account and to ensure a safe PayPal
experience. We require all flagged accounts to verify their information
on file with us. To verify your information at this time, please visit
our secure server webform by clicking the hyperlink below:
Click here to verify your Information
…
… dire warnings should you fail to click
—————————-
And the link goes to http://mail.yoda.com.tw/lndex.html
It is too time consuming to cut and paste phishes to submit them on the
website, so it is disappointing that email submission isn’t working well.
— posted by Stuart Gathman on August 1st, 2007 at 2:18 pm
Stuart Gathman
Actually, what may be happening is that link extraction is working better since Jul 9, and my submissions are being rejected as dups. I guess that is a consequence of having lots of people working at it.
— posted by Stuart Gathman on August 1st, 2007 at 2:23 pm