Domain Keywords Used to Spot Phishing Sites

March 6, 2015

Via: phishing

Criminals setting up fake domains for phishing are prone to use the same words over and over and spotting those words can help identify malicious sites, according to a new threat detection model from .Words like “update,” “security,” “login,” “billing,” when combined with a legitimate base name — or its misspelled variation — are common indicators of phishing sites, said Andrew Hay, director of security research at San Francisco-based OpenDNS.OpenDNS has assembled a list of these , as well as a list of domains commonly targeted by spammers.The idea comes from algorithms mostly commonly used in fields such as bioinformatics and data mining, and uses natural language processing techniques.

Read More