SIDN detects hundreds .nl phishing sites with popular brands

Jul

27

2016

SIDN has a profiler developed by SIDN Labs in collaboration with TNO, detected 675 phishing sites with .com domain names are active that popular brand names misused for phishing.

SIDN took a list of fifty-known brand names and made a scan of the .nl zone in order to map domain names which contain words that are identical or similar to those brand names. The results are then analyzed by a profiler that SIDN Labs and TNO developed.

The profiler combines some simple data from websites, to find out for what purpose the site is used. The tool scans among other techniques used and the content of sites, to provide them with an attribute. This feature may be that it is a normal site, a site that is used only for e-mail, an ad network, a site that is for sale or so a phishing site. “An allocated account is not a 100 percent guarantee, but it is very likely that the domain name is used for the purpose for which the profile indicates”, SIDN says.

SIDN came to 30,357 .nl domain names with names in it, of which 2.2 percent is regarded as a phishing site. 1.3 percent of the total content was removed by the hoster, which the foundation is also an indication of malpractices.

Many phishing domains focus on banks and other financial organizations: on average there were eighteen such domain names per brand. For whatever brand it is to Pim Pastoors, product manager of SIDN not say, but he refers to an earlier study by the Fraud Helpdesk, where the names of only six companies were abused in 80 percent of phishing emails, including ING, Rabobank, ABN AMRO , Intrum Justitia.

The profiler is part of the Domain Name Monitoring Service SIDN. “On this basis we will send automated alerts to registrars, who then can take action and customers can report that it is probably an abusive -site” says Pastoors. SIDN will often create these lists to indicate trends.

Viewing:-76

In: Technology & Gadgets Asked By: [15171 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »