Author Topic: PhishTank  (Read 4938 times)

0 Members and 1 Guest are viewing this topic.

October 20, 2011, 12:36:48 pm
Read 4938 times

hhhobbit

  • Special Access
  • Full Member

  • Offline
  • *

  • 54
I wish PhishTank had a malware button so we could just punch that as we review the links.  Your only choice is to click "Not a Phish" which definitely is a downer.   Here are two of them:

One - Trojan Downloader Banload:
http://lojasmya.net/Fotos/upgrade_.php?comunica_mudanca.htm
---> bit.ly/pgWyB6
---> dc437.4shared.com/download/r8MfzyH5/DOWN_17_10_2011_PDF.cpl?comunicados_.PDF.cpl
Jotti Scan:
http://preview.tinyurl.com/3tzggk9
Comment:  I block bit.ly at Securemecca.com.  I have no idea how long hostsfile.org will hang in there.  The owner wants to shut it down.

Two - Trojan Downloader Banload:
cobrancaswebnet.com/boleto2/index.php?cobranca/
Jotti Scan:
http://preview.tinyurl.com/3g2952a

I suggest somebody contact the OpenDNS / PhishTank people to get that button.  It is needed for two reasons.  First, I have no idea how many people reviewing those links are using Microsoft Windows.  The first of these has only 4/20 that recognize it.  Some of the others that redirect to malware have 0/20.  You want to get those out of the reviewal chain ASAP. Second, saying it isn't a phish just doesn't cut it.  It sounds like you are saying it is okay when in fact it is definitely NOT okay.  OpenDNS could and should give these malicious URLs to MalwareDomainList and others.

Until OpenDNS sees the light, could we make this a perpetual thread some place?  I have noticed a definite up-trend in malicious URLs at PhishTank.  But I have rarely gone a session which rarely goes past 3-4 dozen before I always seem to get a few malware.  Basically OpenDNS, is throwing them out the door.