EEVblog Electronics Community Forum

Computing => Security => Topic started by: NiHaoMike on August 17, 2020, 01:45:00 am

Title: fighting phishing by entering junk data
Post by: NiHaoMike on August 17, 2020, 01:45:00 am
https://blog.haschek.at/2020/stopping-phishing-campaigns-with-bash.html
Taking it a step further, the banks could create trap credentials and give those credentials to the phishers using phishing emails forwarded to a phishing report address. Then when the phisher tries to log in with the trap credentials, the bank gets alerted to that and takes action.
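The trap-credential idea in this post, seen from the bank's side, as an added example that is not part of the original post: trap logins are derived per phishing report, and the login log is checked for their use and for real accounts tried from the same source. The names `make_trap` and `review_logins`, the key and the log format are hypothetical.

```python
import hashlib
import hmac
from collections import defaultdict

BANK_KEY = b"constructed-demo-key"  # assumption: secret held only by the bank


def make_trap(report_id):
    """Derive a trap (username, password) pair for one phishing report."""
    digest = hmac.new(BANK_KEY, report_id.encode(), hashlib.sha256).hexdigest()
    username = "cust" + str(int(digest[:8], 16) % 10**8).zfill(8)
    return username, digest[8:20]


def review_logins(events, traps):
    """events: (timestamp, username, source_ip); traps: username -> report_id.

    Returns (alerts, exposed): every trap login seen, and the real accounts
    tried from a source that also presented a trap credential.
    """
    alerts = []
    by_source = defaultdict(set)   # source_ip -> real usernames tried
    tainted = {}                   # source_ip -> report that leaked the trap
    for ts, user, src in events:
        if user in traps:
            alerts.append({"time": ts, "source": src, "report": traps[user]})
            tainted.setdefault(src, traps[user])
        else:
            by_source[src].add(user)
    # Accounts seen before or after the trap hit both count as exposed.
    exposed = {s: sorted(by_source[s]) for s in tainted if by_source[s]}
    return alerts, exposed


# Constructed sample data: two phishing reports and a short login log.
TRAPS = {make_trap(r)[0]: r for r in ("report-0001", "report-0002")}
TRAP_USER = make_trap("report-0001")[0]
SAMPLE_LOG = [
    ("2020-08-17T09:00:01", "alice", "198.51.100.7"),
    ("2020-08-17T09:02:10", "bob", "203.0.113.50"),
    ("2020-08-17T09:02:44", TRAP_USER, "203.0.113.50"),
    ("2020-08-17T09:03:05", "carol", "203.0.113.50"),
    ("2020-08-17T09:10:00", "dave", "192.0.2.9"),
]

if __name__ == "__main__":
    for item in review_logins(SAMPLE_LOG, TRAPS):
        print(item)
```

Because one address can be shared by many users (VPN, CGNAT and Tor come up later in this thread), the `exposed` list is a lead for review rather than proof of compromise.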
Title: Re: fighting phishing by entering junk data
Post by: Berni on August 17, 2020, 05:40:11 am
I'd say it's more of a fun thing to do in an afternoon while at the same time getting satisfaction for messing up a webservice without feeling guilty about it.

It's still a good bit of work to reverse engineer the website and make a script that fakes submissions, and it's difficult getting a list of phishing sites since they are typically sent directly to people via email/SMS and never advertised anywhere while also too short-lived to be picked up by search engines (What would the search term look like anyway?)

Though I suppose if the criminals were smart they would have also logged a bunch of other information like the IP and browser. So when they see a suspiciously large amount of submissions from one place they can filter it out as garbage data. Not many people have a botnet at their disposal to use that to bombard them with data perfectly randomly.
Title: Re: fighting phishing by entering junk data
Post by: NiHaoMike on August 17, 2020, 01:15:46 pm
Quote
It's still a good bit of work to reverse engineer the website and make a script that fakes submissions, and it's difficult getting a list of phishing sites since they are typically sent directly to people via email/SMS and never advertised anywhere while also too short-lived to be picked up by search engines (What would the search term look like anyway?)
Probably the easiest way to get a wide variety of phishing emails would be to set up an address that users can forward the emails to.
Quote
Though I suppose if the criminals were smart they would have also logged a bunch of other information like the IP and browser. So when they see a suspiciously large amount of submissions from one place they can filter it out as garbage data. Not many people have a botnet at their disposal to use that to bombard them with data perfectly randomly.
Would be really fun to do it with VPN IPs, CGNAT, and Tor. In that case, merely discarding all data from IPs with a lot of submissions would also discard real data.

I think the easiest way to undermine phishing in the first place would be to pose as black hats on the darknet selling "stolen" credentials that are actually just worthless random data. Probably not strictly legal due to laws against false advertising, but who would report that?