Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

New Project Informs Security Teams of Phished Users

A newly launched project wants to help inform IT security representatives and domain owners when their users fall victim to phishing.

A newly launched project wants to help inform IT security representatives and domain owners when their users fall victim to phishing.

Named ‘I got phished’ and coming from malicious activity monitoring site abuse.ch, the project collects information on users who became victims of phishing by entering their credentials on a phishing website.

“The purpose of the project is to notify security representatives such as CERTs, CSIRTs, SOCs but also domain owners about potential phishing victims within their constituency,” the service’s maintainer explains.

The data is not generated by ‘I got phished’ or by abuse.ch, but comes from third-party, trusted IT security researchers. Thus, the project is not interested in how the data was procured or its accuracy.

As part of the project, only the email addresses of the victims that got phished are stored, as they are needed to notify the service’s users about the compromise.

‘I got phished’ does not store passwords and doesn’t directly notify phishing victims either, which sets it apart from Have I Been Pwned, the service maintained by Australian cybersecurity expert Troy Hunt.

The service only accepts submissions from vetted security researchers and only sends notifications to IT security representatives and domain owners, based on the domain name.

“If you are an individual (user), it is not possible to register your email address on I got phished. I got phished reports based on the domain name and not on an individual email address,” the service’s maintainer explains.

Security teams and domain owners can register to ‘I got phished’ to receive notifications if their corresponding domain name is present in newly added data sets. Only domain names can be registered, but not sub-domains.

The service also provides an API that vetted security researchers can use to feed data on phishing victims.

To date, ‘I got phished’ has over 2,000 registered users and information on more than 4,100 domains whose users fell victim to phishing, with 5,400 email addresses compromised in phishing attacks.

Related: Advanced “16Shop” Phishing Kit Expands Offerings

Related: Europol on Methodology Behind Successful Spear Phishing Attacks

Related: Understand More About Phishing Techniques to Reduce Your Digital Risk

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Nation-State

The North Korean APT tracked as TA444 is either moonlighting from its previous primary purpose, expanding its attack repertoire, or is being impersonated by...

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.

Management & Strategy

Microsoft making a multiyear, multibillion dollar investment in the artificial intelligence startup OpenAI, maker of ChatGPT and other tools.

Cyberwarfare

The UK’s NCSC has issued a security advisory to warn about spearphishing campaigns conducted by two unrelated Russian and Iranian hacker groups.

Incident Response

Cygnvs emerges from stealth mode with an incident response platform and $55 million in Series A funding.