Wednesday 5 October 15:00 - 15:30, Green room
Cristian Dantus (Bitdefender)
Marius Tibeica (Bitdefender)
Phishing is a widespread phenomenon that is steadily growing. Professional individuals use advanced tools like phishing kits and automated mailers to cause substantial financial losses. There are even Facebook groups where they share mail lists and compromised servers or GitHub repositories with toolkits.
Phishers' methods may be growing in sophistication, but we can use some of their own tools — such as various tracking services that check the impact of their phishing campaigns — to find ways to identify them.
The second part of the paper is focused on offering a possible solution for protection against phishing at browser level. We will see how generating a blacklist of tracking IDs used in malicious websites fares in detecting new phishing campaigns and the limits of this approach. We will also perform an analysis of the identified phishers, which includes the average usage time of the same ID, variation of phishing templates, frequency of new phishing domains launched, IPs and TLDs analysis, and so on.
Cristian Dantus joined the Bitdefender team in 2015 as an online threat analyst. His research focuses mainly on phishing attacks. He has vast experience in data analysis, studying fraudulent websites and phishing trends.
Marius Tibeica was born in Iasi, Romania, in 1987. He joined Bitdefender in 2008, while still a student, and is now leading the Online Threats and Web Filtering team. He is a science enthusiast and likes to build tools that help gaming communities.