Honey Tokens and Web Bugs: Developing Reactive Techniques for Investigating Phishing Scams
暂无分享,去创建一个
ABSTRACT This article presents a technique for investigating phishing scams. While most anti-phishing efforts focus on preventative measures, or reactive investigation techniques that are not specific to the domain of phishing, this technique applies the concepts of honeytokens and web bugs in a way that may reveal previously unknown information about the phisher. The objective of this work is to develop new ways of addressing phishing scams by exploiting vulnerabilities in the tools and methods used by the phishers. A review of phishing and current anti-phishing techniques is included, along with an introduction to honeytokens and web bugs. The technique is presented with preliminary data to demonstrate promise of the concept.
[1] Leslie Daigle,et al. WHOIS Protocol Specification , 2004, RFC.
[2] David Geer. Security technologies go phishing , 2005, Computer.
[3] J. Doug Tygar,et al. The battle against phishing: Dynamic Security Skins , 2005, SOUPS '05.
[4] Hailin Wu,et al. Hidden surveillance by Web sites: Web bugs in contemporary use , 2003, CACM.