A new information clearinghouse for data on phishing attacks is
up and running, and unlike similar efforts at other sites,
PhishTank
includes an open API that enables contributors to submit and access
data through various applications.
The new site is not only an archive of suspected and confirmed
phishing emails, but it also includes a feature that allows other
registered users to examine submissions and verify that they are in
fact malicious mailings. This collaborative format is a bit
different from the work done by other groups, such as the
Anti-Phishing
Working Group, which focuses on compiling statistics on
phishing and pharming attacks and aiding law enforcement agencies
in taking down malicious sites.
PhishTank launched on Tuesday and by Thursday morning Eastern
time, the site had received 752 submissions, 447 of which were
verified as phish, according to the site's statistics page.
The site is backed by OpenDNS, a San Francisco-based company
that provides a free DNS service designed to help companies avoid
malicious Web sites and speed up their DNS queries.
The PhishTank API is a unique submission option for the site's
contributors. Once a contributor registers an application with the
site, he can submit suspected phishing emails via a direct SSL
connection over HTTP. It is believed this method will be used
mainly by ISPs and large enterprises. But individual contributors
can submit emails simply by forwarding them to
phish@phishtank.com.
One early application of this API is a button for Microsoft
Outlook that the antispam group Project Honey Pot is
developing. Once installed in the Outlook toolbar, the button will
enable users to report suspected phish with one click.
Phishing and pharming -- a variation on phishing that involves
DNS cache poisoning -- have been the favored attack vectors for
identity thieves and online crime gangs for several years. Early
phishing emails were crude and for the most part easily
recognizable by their blatant spelling errors and other telltale
signs. But as the financial stakes have grown, the messages and
their social engineering tactics have becomes far more
sophisticated and often target specific groups with small
memberships, such as customers of small credit unions or community
banks.
The number of attacks has continued to multiply as well. The
Anti-Phishing Working Group reported more than 14,000 unique
phishing campaigns in July 2005; July of this year saw more than
23,000 such attacks.