Title |
---|
What Happens After You Leak Your Password - Understanding Credential Sharing on Phishing Sites. |
Abstract |
---|
Phishing has been a big concern due to its active roles in recent data breaches and state-sponsored attacks. While existing works have extensively analyzed phishing websites and their operations, there is still a limited understanding of the information sharing flows throughout the end-to-end phishing process. In this paper, we perform an empirical measurement on the transmission and sharing of stolen login credentials. Over 5 months, our measurement covers more than 179,000 phishing URLs (47,000 live phishing sites). First, we build a measurement tool to feed fake credentials to live phishing sites. The goal is to monitor how the credential information is shared with the phishing server and potentially third-party collectors on the client side. Second, we obtain phishing kits from a subset of phishing sites to analyze how credentials are sent to attackers and third-parties on the server side. Third, we set up honey accounts to monitor the post-phishing exploitation activities from attackers. Our study reveals the key mechanisms for information sharing during phishing, particularly with third-parties. We also discuss the implications of our results for phishing defenses.
Year | DOI | Venue |
---|---|---|
2019 | 10.1145/3321705.3329818 | AsiaCCS |

Keywords | Field | DocType |
---|---|---|
Phishing, Measurement, Honey Account | Server-side, Client-side, Internet privacy, Phishing, Computer security, Computer science, Login, Password, Data breach, Credential, Information sharing | Conference |

ISBN | Citations | PageRank |
---|---|---|
978-1-4503-6752-3 | 1 | 0.36 |

References | Authors |
---|---|
0 | 6 |

Name | Order | Citations | PageRank |
---|---|---|---|
Peng Peng | 1 | 17 | 4.78 |
Chao Xu | 2 | 5 | 12.01 |
Luke Quinn | 3 | 1 | 0.36 |
Hang Hu | 4 | 17 | 7.11 |
Bimal Viswanath | 5 | 1524 | 59.15 |
Gang Wang | 6 | 52 | 6.97 |