Its still a good bit of work to reverse engineer the website and make a script that fakes submissions, and its difficult getting a list of phishing sites since they are typically sent directly to people via email/sms and never advertised anywhere while also too short lived to be picked up by search engines (What would the search term look like anyway?)
Probably the easiest way to get a wide variety of phishing emails would be to set up an address that users can forward the emails to.
Tho i suppose if the criminals ware smart they would have also logged a bunch of other information like the IP and browser. So when they see a suspiciously large amount of submissions from one place they can filter it out as garbage data. Not many people have a botnet at there disposal to use that to bombard them with data perfectly randomly.
Would be really fun to do it with VPN IPs, CGNAT, and Tor. In that case, merely discarding all data from IPs with a lot of submissions would also discard real data.
I think the easiest way to undermine phishing in the first place would be to pose as black hats on the darknet selling "stolen" credentials that are actually just worthless random data. Probably not strictly legal due to laws against false advertising, but who would report that?
Home
Help
Search
Login
Register
