What is it about?

The idea is simple: we show that wherever phishers use simple techniques such as Google reCAPTCHA, it is impossible for current anti-phishing engines such as Google Safe Browsing to capture and blacklist the phishing page. Apart from reCAPTCHA, we introduce 2 other techniques that phishers are using in their phishing pages:

1 - Alertbox message: the phishing page is shown only if the user clicks on the alertbox message (in JavaScript).

2 - Session-based phishing: two pages are used. The first is benign and serves only to convince users to click the "continue" or "sign in" button; the second, which is loaded via an AJAX request, is the malicious phishing page. The only way to see the second page is to go through the first page.

We put the source code (in PHP and JavaScript) in the appendix of the paper.
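A crawler-side triage for the three gates described above, as an added example that is not from the paper or its appendix: it flags fetched HTML that sits behind such a gate, so the URL is not recorded as clean on the strength of a first-page scan. The regex heuristics, the names `PageScan` and `triage`, the verdict labels and the sample pages are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser

# "g-recaptcha" and api.js are the standard reCAPTCHA widget markers; the rest are heuristic assumptions.
RECAPTCHA = re.compile(r"g-recaptcha|google\.com/recaptcha/api\.js", re.I)
DIALOG = re.compile(r"\b(?:alert|confirm)\s*\(")
AJAX = re.compile(r"XMLHttpRequest|\bfetch\s*\(|\$\.(?:ajax|get|post)\s*\(")

class PageScan(HTMLParser):
    """Collects inline script text and notes buttons and password fields."""
    def __init__(self):
        super().__init__()
        self.js, self.in_script = [], False
        self.has_button = self.has_password = False
    def handle_starttag(self, tag, attrs):
        kind = (dict(attrs).get("type") or "").lower()
        if tag == "script":
            self.in_script = True
        elif tag == "button" or (tag == "input" and kind in ("submit", "button")):
            self.has_button = True
        elif tag == "input" and kind == "password":
            self.has_password = True
    def handle_endtag(self, tag):
        self.in_script = self.in_script and tag != "script"
    def handle_data(self, data):
        if self.in_script:
            self.js.append(data)

def triage(html):
    """Report which gates one fetched page shows; any gate means only the first step was seen."""
    scan = PageScan()
    scan.feed(html)
    js = "".join(scan.js)
    hits = {
        "recaptcha": RECAPTCHA.search(html),
        "dialog": DIALOG.search(js),
        # Two-step: a button plus script-driven loading, but no credential form yet.
        "two-step": AJAX.search(js) and scan.has_button and not scan.has_password,
    }
    gates = [name for name, hit in hits.items() if hit]
    return {"gates": gates, "verdict": "unverified" if gates else "scanned"}

# Constructed sample pages (markers only, no real site content).
SAMPLES = {
    "captcha": '<form><div class="g-recaptcha" data-sitekey="CONSTRUCTED"></div></form><script src="https://www.google.com/recaptcha/api.js"></script>',
    "dialog": '<script>alert("Click OK to continue");</script><div id="main"></div>',
    "two_step": '<button id="go">Continue</button><script>document.getElementById("go").onclick = function () { fetch("/step2"); };</script>',
    "plain": '<form><input type="text" name="user"><input type="password" name="pw"><input type="submit"></form>',
}
```

A verdict of "unverified" is meant to route the URL to interactive analysis rather than to a clean list; these markers also appear on legitimate sites, so they indicate a blind spot in the scan, not phishing.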

Why is it important?

This is important because if these techniques are used by phishers at scale, then end-users are defenceless against these attacks and anti-phishing engines are useless!

Read the Original

This page is a summary of: Are You Human?, October 2020, ACM (Association for Computing Machinery),
DOI: 10.1145/3419394.3423632.