Clustering of Phishing Attacks

Clustering of Phishing Attacks

4 In a recent report we showed how we are able to gain better understanding of phishing attacks and attackers by using cluster analysis. This post lays out in greater detail how to create those clusters by examining the features and methods used.For the study, we used the data collected over the course of more than a year in tracking and taking down phishing cases on behalf a major U.S. financial institution. This data contains everything related to the management of each case, including the Whois details of the domain where the attack was hosted, as well as related RRSet records and the HTML code of the criminal’s phishkit. In total, we collected 3,030 phishing attacks that took place between September and December 2015. [Read More]