So you want to be a phisher
Picture credit: http://tecfa.unige.ch
Like most Internet users, I've been awash in a deluge of phishing attempts of late. Unlike most users, though, I enjoy tracking down the source of the spam mails, the location of the false storefronts, and their owners. I think I've nailed down the typical modus operandi . Here's the lifecycle of a typical phishing scam, at least so far as I can tell.
After enough complaints arrive, the web hosting provider will inevitably determine that the bogus site needs to be shut down. At this point the phishing scam -- at least temporarily -- comes to a screeching halt.
Can we learn anything from this lifecycle?
I think we can. Hosting providers need to implement a little bit of technology: call it an anti-phishing package (APP). The package would be a process running on each shared server. Using the server's log files, APP would perform the following tasks:
In the event that any or all of these criteria are met, APP sends an automatic email to system administrators. They can then examine the suspect site and shut it down if necessary.
I would hope that the major shared hosting providers are already running a process like APP.