A single person in Nigeria is responsible for creating 1,100 phishing sites, as reported by Phishlabs after clever experiment that allowed them to monitor the use of phishing tool-kits in the wild. The fraudster set up two to three phishing sites a week.
About a year and a half ago, investigators at Charleston, S.C. based PhishLabs found that one particular backdoor that showed up time and again in phishing attacks referenced an image at a domain name that was about to expire. When that domain finally came up for grabs, PhishLabs registered it, hoping that they could use it to keep tabs on new phishing sites being set up with the same kit…PhishLabs determined that most of the phishing sites were likely set up by a single person — a man in Lagos, Nigeria that PhishLabs estimates was responsible for about 1,100 of the phishing sites the company tracked over the 15 month experiment.
“This guy was setting up two to three new phishing sites each day,” Phishlabs founder and president John LaCour said. “If you accept conservative estimates, that this guy is stealing about 10 [sets of] banking credentials per phish, and that conservatively each of these stolen credentials causes $500 in losses, we’re talking about more than $4 million a year he’s probably making.”
When PhishLabs plotted the guy’s daily online activity, the resulting graph displayed like a bell curve showing the sort of hourly workload you’d typically see in a regular 9-5 job, LaCour said. “In the middle of the day he’s super busy, and in the mornings and evenings he’s not. So this is very much his day job.”
Related Posts: On this day...
- Swearing child's toy: VTECH phone - 2011
- MacroWikinomics: Nonthreatening web theory primer for business - 2011
- Transformers: The Complete Series on DVD preorders for $60 shipped - 2011
- Life with Ubuntu and a ThinkPad - 2011
- How do emulators work and how are they written? - 2010
- Exclusive BlackBerry tablet information - 2010
- BlackBerry Bold 9650 to hit Verizon "soon" - 2010
- SWORD OF MY MOUTH: Apocalyptic graphic novel about the tyranny of angels - 2010
- A botnet with 6 to 12 million computers, employing the world's most sophisticated encryption and peer-to-peer communication lies waiting, but for what? - 2010
- HOWTO: Receive an email when someone logs in as root - 2009