by Mike Masnick

Should Hosting Companies Be On The Lookout For Phishing Sites?

from the whose-responsibility? dept

Part of the trouble with phishing attacks is that they combine several different things, including setting up a misleading domain, spamming people, and then tricking recipients into filling out their info. That means there are also multiple ways of trying to crack down on phishing scams, from education to stopping spam to checking whether site URLs are really owned by the company in question. However, one other method may be to stop questionable-looking URLs from being registered in the first place. Anti-spam group Spamhaus ran a quick study and noticed that some major hosters, such as Yahoo, seem to be hosting a lot of URLs that contain the words eBay, PayPal or bank. That may be a cause of some concern, but it's not illegal to have such a domain name (unless it's done in a way that violates trademark by confusing visitors). Obviously, though, domains like that may deserve greater scrutiny to see if they're being used in phishing scams. So, the question is, who is responsible for the checking? Should hosting sites and registrars monitor the domain names that are hosted and registered with them? Or does that go beyond their responsibility?

Reader Comments

  • phishing squirrel, 6 Sep 2005 @ 11:11am

    At least the ISPs and hosting houses can respond t

    I would think that there should be some sort of accelerated response to complaints about phishing, and ID theft. All it takes is a protected browser, and a script to blast web pages offline if you are a hosting house. And someone to check the complaints, of course.

    These things can persist for days, weeks, and months, however.

    • Conrad, 6 Sep 2005 @ 4:58pm

      Re: At least the ISPs and hosting houses can respo

      I own a hosting company, and I would have to agree with the responder above, and point out a small flaw in the article logic.

      Yes, hosters do have an utmost responsibility to respond in a more-than-timely manner to complaints about phishing activities. Any host that does not respond in a timely fashion should be taken down by their ISP (I feel).

      However, it simply is not possible to check all URLs and all domain names to see if any one of them has any phishing activity. Yes, hosters should have a flag system - where they flag new customers with suspicious domains internally and check in from time to time (as I do). However, even domains with not-obvious names can be used for bad purposes, and domains with phishing-sounding names can be legit.

      Worse still is that with each new domain registered, there is no history with that client to say they won't put phishing pages on their site. With the transfer of existing domains, you can see the customer's old content and check them out - but with new domains, it's blind faith.

      Even domains that the hoster has had for years can suddenly go bad - as some have for us. Even after years of good service and a good domain, they decided that they couldn't be caught, and were taken offline by us at the first complaint.

      Again - with all the thousands of domains we host, and the sheer numbers of URLs possible in those domains, it is NOT possible to proactively check each web page. But an aggressive response policy to complaints and a general 'checking out' of customers' sites can help the community as a whole avoid these issues.
