Phishing, an old and traditional attack, is still a thing.
Hundreds of phishing website are launched every day and it threats people around the world. Anti-Phishing Working Group (APWG) says that APWG detected 150,000+ phishing websites for the 3rd quarter of 2018.
Sometimes phishing actors make OPSEC failures and, thanks to that, researchers can obtain a phishing kit (a kit to deploy a phishing website).
We have collected 18,000+ phishing kits based on OSINT and analyzed mechanisms of phishing websites and phishing actors themselves.
In this presentation, we will show the following findings.
- How to collect phishing kits based on OSINT data.
- Analysis of phishing actors:
- Who develops a phishing kit, How to distribute it, etc.
- Including a methodology to find out a phishing actor based on information (email, username and signature) inside a phishing kit.
- We will show an analysis of Indonesian phishing actors who target Asian countries.
- Especially focusing on an actor named DevilScream/Z1Coder who develops an infamous phishing kit“16shop”.
Finally, we will show countermeasures we have taken against phishing websites and actors.