250 likes | 409 Views
Phi.sh/$oCiaL: The Phishing Landscape through Short URLs. Sidharth Chhabra * , Anupama Aggarwal † , Fabricio Benevenuto ‡ , Ponnurangam Kumaraguru †. * Delhi College of Engineering, † IIIT-Delhi, † Federal University of Ouro Preto. Motivation. Phishing via Short URLs.
E N D
Phi.sh/$oCiaL: The Phishing Landscape through Short URLs Sidharth Chhabra*, Anupama Aggarwal†, Fabricio Benevenuto‡, Ponnurangam Kumaraguru† *Delhi College of Engineering, †IIIT-Delhi, †Federal University of Ouro Preto
Most popular - June 2010 - January 2011 * • Most abused URL shortener • 23.48% of short URL services http://techblog.avira.com/en/
Analysis of Phishing Tweets containing Bitly • How is Bitly used by Phishers? • Who is Targeted ? • Which Locations are Affected ?
Data Collection Filtering Lookup API Phishing URLs Short URLs Analysis Brand Analysis Temporal Analysis Referral Analysis Geographical Analysis
1 January - 31 December, 2010 Dataset
990 public Twitter users who posted phish tweets 864 user accounts present at the time of analysis 2000 past tweets for each of 516 users Dataset
Space gain is fraction of space saved by using bit.ly For 50% URLs, Space Gain < 37%
213 inorganic 153 compromised 516 Twitter users 303 organic 150 legitimate Phish activity is majorly automated
Country was determined by using the Bit.ly statistics Brazil is most targeted followed by US and Canada
Reliance on PhishTank • 90% URLs offline when voted • Small number of active voters
URLs shorteners used to hide identity • Change in landscape of phishing - OSNs target • Phishing activity is automated • Lack of phishing communities • Brazil had highest phish URL clickthrough
Analyze the use of URL shorteners like goo.gl, tinyurl etc. • Develop an algorithm to detect phishing on Twitter
Thank You ! http://precog.iiitd.edu.in