Plenty more phish in the sea

Phew. I got back from my holiday - a lovely cruise on the adriatic, to find that the sea had been following me home. Well, judging from the amount of phishes that started last weekend, it felt like it. For a time, nearly every spam was a phishing email. A real torrent. I’ll let a picture tell the story:

This shows the last 30 days worth of phishing - the outbreak started towards the end of the 28th, peaked on the 29th then tailed off, then came to an end on the 1st of August.

So, around 4 times the normal volume. This is a view from just one site. Other sites saw a 10 fold increase.

The attack targeted a number of different institutions, using a small number of fake sites at various domain names. The IPs associated with the domains changed frequently. The common factor was a shared DNS server (or servers). The attack ended when the DNS servers were shutdown, which took several days.

You can pick over the bones at the Phishery.

This entry was posted on Friday, August 4th, 2006 at 3:49 pm and is filed under E-Mail, Phishing. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

Comments are closed.

Categories

Articles

Pages

Archives

Search

Links

Plenty more phish in the sea



Categories E-Mail 419 Scams Phishing Spam Viruses General Daily Review Services Top Tips Security Threats Vulnerabilities XSS 2.0 Articles 06/04 April Report 06/05 May Report 06/06 June Report Email activity in June 06/07 July Report Email Activity in July ECSC Ltd. FireHat Internet Defence The Phishery Pages 419 Scam Archives October 2007 September 2007 August 2007 May 2007 February 2007 January 2007 December 2006 November 2006 October 2006 September 2006 August 2006 July 2006 June 2006 May 2006 April 2006 March 2006 February 2006 January 2006 December 2005 November 2005 August 2005 June 2005 March 2005 July 2004 June 2004 Search Links 06/04 April Report 06/05 May Report 06/06 June Report Email activity in June 06/07 July Report Email Activity in July ECSC Ltd. FireHat Internet Defence The Phishery	« The Mafia’s Approach to Computer Security Email activity in July: Ham, Spam, Viruses and Phishing » Plenty more phish in the sea Phew. I got back from my holiday - a lovely cruise on the adriatic, to find that the sea had been following me home. Well, judging from the amount of phishes that started last weekend, it felt like it. For a time, nearly every spam was a phishing email. A real torrent. I’ll let a picture tell the story: This shows the last 30 days worth of phishing - the outbreak started towards the end of the 28th, peaked on the 29th then tailed off, then came to an end on the 1st of August. So, around 4 times the normal volume. This is a view from just one site. Other sites saw a 10 fold increase. The attack targeted a number of different institutions, using a small number of fake sites at various domain names. The IPs associated with the domains changed frequently. The common factor was a shared DNS server (or servers). The attack ended when the DNS servers were shutdown, which took several days. You can pick over the bones at the Phishery. This entry was posted on Friday, August 4th, 2006 at 3:49 pm and is filed under E-Mail, Phishing. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed. Comments are closed.