Re: phishing sites report - March/2005

[Daniel Golding <dgolding () burtongroup com>]

Forgive me for being skeptical, but...

How do you come up with these? Are these the direct upstream ISPs of the
phishing sites or the next hop AS's from your test site?

Is there a link to the original data?

- Dan

On 3/28/05 12:25 PM, "Gadi Evron" <gadi () tehila gov il> wrote:

> Below is a periodic public report from the Malicious Websites and
> Phishing research and mitigation mailing list (a sub-group of the drone
> armies / botnets research and mitigation mailing list).
> For this report it should be noted that we base our analysis on the data
> we have accumulated from various sources.
>
> According to our incomplete analysis of information we have thus far, we
> now publish the following report.
>
> Notes on the report:
> * The report is in descending order.
> * In the listing are also included suspected child pornography sites,
>    however, their numbers are not large enough to effect the statistics.
>
>
> Number of phishing sites found: 276.
>
>
> The ISP's that are most often plagued with phishing sites:
> ----------------------------------------------------------
> ASN     Responsible Party
> 14780   INKTOMI-LAWSON - Inktomi Corpo
> 14779
> 13768   PEER1 - Peer 1 Network Inc.
> 21844   THEPLANET-AS - THE PLANET
> 1668    AOL-ATDN - AOL Transit Data Ne
> 4134    CHINANET-BACKBONE No.31 Jin-ro
> 29761   OC3-NETWORKS-AS-NUMBER - OC3 N
> 27699   TELECOMUNICACOES DE SAO PAULO
> 15201   Universo Online Ltda.
>
> * We would gladly like to establish a trusted relationship with
>    these and any organizations to help them in the future (especially the
>    attacked eCommerce sites and the hosting service providers).
>
> * By previous requests here is an explanation of what "ASN" is, by Joe
>    St Sauver:
>    http://darkwing.uoregon.edu/~joe/one-pager-asn.pdf

-- 
Daniel Golding
Network and Telecommunications Strategies
Burton Group