I received a pretty convincing spam/phishing email pretending to be from Apple today that certainly caught my attention. It was offering 80% discounts on the “new” Adobe Creative Suite, CS5, with Photoshop at $100. What I guess made it vaguely convincing at first was that since the launch of the Mac App Store, there have been a few severely discounted bits of software. Like Apple’s Aperture went from £169 to £44.99, and I think that’s left people wondering if Adobe will get in on the action. Chances are they won’t even at full price. Pro apps don’t appear to be there, mainly because of the sheer size of the downloads (FCP is maybe 6 DVDs, some 22+ GB if I remember correctly).
I straight away tweeted it and then searched for phishing tweets. Twitter isn’t exactly the white hat’s first place to look this stuff up, I’m sure there are more professional sources, but there’s definitely power in the crowd. I wonder if it could work as a crowd-sourced early warning system for this kind of thing, just to spread the word. I’m sure it already does.
I had a bit of an idea for a service, but with everything it’s a bit hard for me to get into every kind of project. It’s probably not new since it seemed so obvious when I thought about it, and I’ve not looked much into this, but it seemed like a good idea to put the idea down somewhere; here seemed as good a place as any.
I’ll start with a sinister thought, just because I’ve been reading Daniel Suarez again. Grab the users who are tweeting the phishing scam keywords and target them with more spam, whether via Twitter... or worse. These days there’s always a bit of social networking data floating around on you, so it’s probably not too hard to find out an email address or other way in from your Twitter account. I just got that pang of fear as I punched the tweet button that these days it’s not exactly hard to be found saying something or other... stick your face on it and some location data and suddenly you’re making real world enemies! Anyway, enough random unfounded paranoia.
So would it be possible to keep track of phishing with a set of Twitter searches, analyse the tweets with the word phishing etc. in them and issue some form of early warning? Set up some honeypots or get the community to submit the emails for analysis. This data could then be integrated live into mail filtering to stamp out these emails. I suppose spam filters would pick this kind of thing up unless they’d spoofed the sender’s address. I’m pretty sure Apple doesn’t send offers of OEM-priced software from random Hotmail accounts either!
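The sender check hinted at above, as an added example that is not part of the original post: it flags mail whose display name claims a brand while the From domain is not that brand's, and also the spoofed case where the From domain is right but DMARC did not pass. The brand and webmail lists, the `check_message` name and the sample messages are assumptions constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumed for this example: each brand and the domains it really sends from.
BRAND_DOMAINS = {"apple": {"apple.com"}, "adobe": {"adobe.com"}}
# Assumed short list of free webmail providers.
FREE_MAIL = {"hotmail.com", "gmail.com", "yahoo.com", "outlook.com"}

def check_message(raw):
    """Return the reasons a raw message looks like brand impersonation."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    name, domain = name.lower(), addr.rpartition("@")[2].lower()
    # Only trust this header when your own receiving server added it.
    auth = (msg.get("Authentication-Results") or "").lower()
    reasons = []
    for brand, domains in BRAND_DOMAINS.items():
        if brand not in name:
            continue  # display name does not claim this brand
        legit = any(domain == d or domain.endswith("." + d) for d in domains)
        if not legit:
            reasons.append(f"display name claims {brand}, domain is {domain or 'missing'}")
            if domain in FREE_MAIL:
                reasons.append(f"{brand} mail sent from a free webmail account")
        elif "dmarc=pass" not in auth:
            # Right domain in From, but not authenticated: possible spoof.
            reasons.append(f"From uses {domain} but DMARC did not pass")
    return reasons

# Constructed sample messages (not real mail).
SAMPLE_PHISH = "From: Apple Store <deals4u@hotmail.com>\nSubject: 80% off Adobe CS5\n\nBuy now"
SAMPLE_SPOOF = ("From: Apple <news@apple.com>\n"
                "Authentication-Results: mx.example.org; dmarc=fail\n\nBuy now")
SAMPLE_OK = ("From: Apple <news@email.apple.com>\n"
             "Authentication-Results: mx.example.org; dmarc=pass\n\nHello")

if __name__ == "__main__":
    for label, raw in [("phish", SAMPLE_PHISH), ("spoof", SAMPLE_SPOOF), ("ok", SAMPLE_OK)]:
        print(label, check_message(raw))
```

The brand match is a plain substring test on the display name, so treat a hit as a signal to score alongside other filters rather than a verdict.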
I have seen a couple of sites with RSS feeds dedicated to phishing scams, but it looks like they focus on ones from money institutions, mostly listing eBay and major banks. I’m half surprised that there’s not more Facebook phishing going on, since I personally get a high volume of update emails, so it wouldn’t be too hard for that to slip by. I don’t often click the links in those emails though, maybe just out of mistrust for email in general.
These guys seem to be on it, helping provide takedown of phishing sites: www.fraudwatchinternational.com. But still, something crowd-sourced and open might be a fun project too.