Title: Phorecasting Phishing Attacks: A New Approach for Predicting the Appearance of Phishing Websites

Issue Number: Vol. 5, No. 3
Year of Publication: Nov - 2016
Page Numbers: 142-154
Authors: Brad Wardman, Dan Clemens, Joseph Wolnski
Journal Name: International Journal of Cyber-Security and Digital Forensics (IJCSDF)
- Hong Kong
DOI:  http://dx.doi.org/10.17781/P002156


Phishing is a multi-billion dollar business. The antiphishing industry continues to pursue new strategies to thwart and investigate phishing attacks. Detection strategies include algorithms to detect new phishing websites using email-, URL-, and content-based approaches. Investigative strategies include clustering algorithms using drop email addresses, WHOIS registration information, and website content, as well as subpoenaing phishers’ mailboxes to determine the amount of information phished from victims. Until now, information predicting the implementation of new phishing websites has seldom been shared with the public. In this research we present a set of methods that demonstrate a relationship between phishers and defacers. Highlighting this relationship assists in building substantial defenses and law enforcement cases against this threat and shows that the proposed strategy can be used to predict when and where new phishing websites and related attacks will surface next.