Abstract :
Phishing is a wide spread and rapidly evolving form of electronic identity theft that attempts to gather personally identifying information from unwitting victims, often through social engineering. The ldquoclassicrdquo phishing attack starts with a ldquolurerdquo (unsolicited e-mail) that directs recipients to a fraudulent Web site that appears to be that of a well-known company, government agency, or other organization. Phishing data is collected by numerous organizations, resulting in many disjoint collections of varying quality and content. The goal of the Phisherman project is to create a single information resource available that provides ready access to on-going and historical phishing attacks for first-responders, brand owners, researchers, and law enforcement. The challenges include rapid automated validation to cope with the increasing scale of the attacks, and privacy protection, particularly when attacks are targeted at specific individuals.
Keywords :
Web sites; computer crime; fraud; program verification; unsolicited e-mail; Phisherman; electronic identity theft; fraudulent Web site; phishing data repository; rapid automated validation; social engineering; unsolicited e-mail; Business; Companies; Computer security; Government; Information resources; Law enforcement; Privacy; Protection; Terrorism; Unsolicited electronic mail;
