Forgive me for being skeptical, but... How do you come up with these? Are these the direct upstream ISPs of the phishing sites or the next hop AS's from your test site? Is there a link to the original data? - Dan On 3/28/05 12:25 PM, "Gadi Evron" <gadi@tehila.gov.il> wrote:
Below is a periodic public report from the Malicious Websites and Phishing research and mitigation mailing list (a sub-group of the drone armies / botnets research and mitigation mailing list). For this report it should be noted that we base our analysis on the data we have accumulated from various sources.
According to our incomplete analysis of information we have thus far, we now publish the following report.
Notes on the report: * The report is in descending order. * In the listing are also included suspected child pornography sites, however, their numbers are not large enough to effect the statistics.
Number of phishing sites found: 276.
The ISP's that are most often plagued with phishing sites: ---------------------------------------------------------- ASN Responsible Party 14780 INKTOMI-LAWSON - Inktomi Corpo 14779 13768 PEER1 - Peer 1 Network Inc. 21844 THEPLANET-AS - THE PLANET 1668 AOL-ATDN - AOL Transit Data Ne 4134 CHINANET-BACKBONE No.31 Jin-ro 29761 OC3-NETWORKS-AS-NUMBER - OC3 N 27699 TELECOMUNICACOES DE SAO PAULO 15201 Universo Online Ltda.
* We would gladly like to establish a trusted relationship with these and any organizations to help them in the future (especially the attacked eCommerce sites and the hosting service providers).
* By previous requests here is an explanation of what "ASN" is, by Joe St Sauver: http://darkwing.uoregon.edu/~joe/one-pager-asn.pdf
-- Daniel Golding Network and Telecommunications Strategies Burton Group