![]() ![]() Our study reveals the key mechanisms for information sharing during phishing, particularly with third-parties. Third, we set up honey accounts to monitor the post-phishing exploitation activities from attackers. Second, we obtain phishing kits from a subset of phishing sites to analyze how credentials are sent to attackers and third-parties on the server side. The goal is to monitor how the credential information is shared with the phishing server and potentially third-party collectors on the client side. First, we build a measurement tool to feed fake credentials to live phishing sites. Over 5 months, our measurement covers more than 179,000 phishing URLs (47,000 live phishing sites). ![]() In this paper, we perform an empirical measurement on the transmission and sharing of stolen login credentials. While existing works have extensively analyzed phishing websites and their operations, there is still a limited understanding of the information sharing flows throughout the end-to-end phishing process. Phishing has been a big concern due to its active roles in recent data breaches and state-sponsored attacks.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |