Home page logo

pauldotcom logo PaulDotCom mailing list archives

Re: How to detect phishing and spoofed websites
From: Robert Cazares <robertcazares () gmail com>
Date: Thu, 13 Dec 2012 14:52:50 -0800

Aye mateys and mateyettes,

I'm such a stickler for review, review, review, have someone else
review, then maybe review again, then release to the wild.

What I refer to is a typo in the morningstarsecurity.com/research/urlcrazy page.

And that typo is a reference to google.com that is spelled "goole.com".
Silly, I know. But when you're talking about a tool that checks for
these types of things, phishing/spoofing, one-letter-off web site
names and their brethren, please please please spell check before
Whew (. . .)

Find it here -
Popularity Estimate

We can estimate the relative popularity of a typo by measuring how
often that typo appears on webpages. Querying goole.com for the number
of search results for a typo gives us a indication of how popular a
typo is.

I have not run the tool myself, BUT it looks like a great tool to have
in your kit.

I have security questions and will return soon enough.

Six, two and even
Over and out

- Robert

On Thu, Dec 13, 2012 at 7:09 AM, swierckxlists <swierckxlists () gmail com> wrote:
Hi Brian,

Part of the research/finding out if this is happening to you or your company
can be automated using the URLCrazy tool
(http://www.morningstarsecurity.com/research/urlcrazy), the tool has been
reviewed / described in this blog post:

Strider is a similar tool by Microsoft but URLCrazy is open source and can
be adapted to your needs if further automation is needed.



On 12/12/2012 15:43, Brian Erdelyi wrote:

Good morning everyone,

I'd like to create a guide and checklist for detecting phishing attacks.
I want to focus on server side.  What can a website admin do to detect
phishing attacks and spoofed websites?  What can a web app developer do to
make it easier to detect phishing attacks and spoofed websites?
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
Main Web Site: http://pauldotcom.com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]