What is your average takedown time of a phishing site?
There is no “average” takedown time. Each attack has different characteristics, sources and potential impact, so the notion of “average” takedown time is very misleading. Simple attacks can be taken down in a matter of minutes, while some of the more sophisticated attacks - particularly those originating outside North America - can take several hours to address. Our experience and relationships allow us to provide the best possible takedown results. We also work with each client to make sure expectations are set to match their situation.
What is ‘Vishing’ and how can it be prevented?
Vishing is the criminal practice of using Voice over IP (VoIP) to obtain the public’s private, personal and financial information for the criminal’s financial gain.
The term is a combination of ‘voice’ and ‘phishing’ and exploits the public’s trust in landline telephone services. Vishing is very hard for legal authorities to monitor or trace.
When a vishing attempt has been identified with an accompanying phone number, BD-BrandProtect can immediately call the number to assess what communication takes place. Once that information has been obtained, we use various resources to identify the issuing phone company.
BD-BrandProtect will work with the CERTs and the Federal Communications Commission to get the phone line disabled as fast as possible. We then continue to monitor the phone number at regular intervals until it has been disabled, and for a predetermined period after that.
Note: This is an added and optional BD-BrandProtect solution.
What is Rock Phishing and how can it be prevented?
In a Rock Phishing attack the perpetrators register a large quantity of domains. These are used to host scripting files that send and receive information from the perpetrator’s main host.
Rock Phishing attacks are hosted in such a way that they can be displayed on any compromised machine controlled by the perpetrators. Advanced scripting set up by the fraudsters allows the domains to move from ISP to ISP without any human interaction. These attacks are more effective than the run-of-the-mill phishing attack because of the significant difficulties encountered when attempting to shut these domains down.
ISPs cannot assist in shutting these attacks down, because the attacks are not physically hosted on the compromised machine. Rather, the machine is simply used as a drone to display the fraudulent site.
BD-BrandProtect’s primary points of contact for Rock Phishing attacks are the Registrars. Registrars have the ability to suspend the Domain Record, which effectively shuts down the attack on that domain. When required, BD-BrandProtect will also contact the DNS hosts to shut down any fraudulent Name Servers.
Generally the fraudsters use between 25 and 50 domains per day until they exhaust their list of fresh domains. With Rock Phishing, it is not unusual to see 100 to 250 domains appear over a two-week timeframe. The registrar for each of those domains must be contacted in order to disable them.
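The registrar-by-registrar workflow described above can be organised with a small triage script. This is an added example, not BD-BrandProtect's own tooling: the report fields, registrar labels, domains and ASNs are constructed sample values, and the parent-zone helper is a simplifying assumption.

```python
from collections import defaultdict

# Constructed sample reports (not real data); ASNs come from the documentation range.
REPORTS = [
    {"domain": "a1-secure.example", "registrar": "Registrar-A",
     "nameservers": ["ns1.dnsfarm.example", "ns2.dnsfarm.example"], "asns": [64496, 64497, 64498]},
    {"domain": "a2-secure.example", "registrar": "Registrar-A",
     "nameservers": ["ns1.dnsfarm.example", "ns2.dnsfarm.example"], "asns": [64497, 64499]},
    {"domain": "a3-secure.example", "registrar": "Registrar-A",
     "nameservers": ["ns2.dnsfarm.example"], "asns": [64496, 64500]},
    {"domain": "b1-verify.example", "registrar": "Registrar-B",
     "nameservers": ["ns1.dnsfarm.example"], "asns": [64498, 64501]},
    {"domain": "c1-update.example", "registrar": "Registrar-B",
     "nameservers": ["ns1.hosted-dns.example"], "asns": [64510]},
]

def ns_zone(host):
    """Parent zone of a name server: its last two labels (assumption: no multi-label TLDs)."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def plan_takedown(reports, min_shared=2):
    by_registrar = defaultdict(set)  # registrar -> domains whose record it can suspend
    by_ns_zone = defaultdict(set)    # name-server zone -> reported domains it serves
    moving = set()                   # domains seen on 2+ networks (ISP contact will not help)
    for r in reports:
        domain = r["domain"].lower()
        by_registrar[r["registrar"]].add(domain)
        for ns in r["nameservers"]:
            by_ns_zone[ns_zone(ns)].add(domain)
        if len(set(r["asns"])) >= 2:
            moving.add(domain)
    # One suspension request per registrar, largest batch first.
    batches = sorted(((reg, sorted(d)) for reg, d in by_registrar.items()),
                     key=lambda b: (-len(b[1]), b[0]))
    # Name-server zones shared by several reported domains go to the DNS host.
    shared_ns = {z: sorted(d) for z, d in by_ns_zone.items() if len(d) >= min_shared}
    return {"registrar_batches": batches, "shared_name_servers": shared_ns,
            "moving_domains": sorted(moving)}

if __name__ == "__main__":
    plan = plan_takedown(REPORTS)
    for registrar, domains in plan["registrar_batches"]:
        print(f"{registrar}: request suspension of {len(domains)} domain(s): {', '.join(domains)}")
    for zone, domains in plan["shared_name_servers"].items():
        print(f"DNS host for {zone}: serves {len(domains)} reported domains")
    print("Seen on multiple networks:", ", ".join(plan["moving_domains"]))
```

Batching by registrar keeps the number of suspension requests manageable when 100 to 250 domains appear, and a name-server zone shared across registrars is the candidate for a single DNS host report.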
What is a Man-in-the-Middle Phishing attack?
“Man-in-the-Middle” Phishing attacks happen in two ways:
1. Phishers create complex but identical copies of the site of a bank or institution. The sites are pre-built and allow for quick deployment of the phishing site on the Internet.
2. Phishers plant a Trojan into the victim’s machine while the victim is communicating with his bank. The Trojan then captures the confidential data in real time.