CONFERENCE Cyber AI & Automation Summit - Watch Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

New Project Informs Security Teams of Phished Users

A newly launched project wants to help inform IT security representatives and domain owners when their users fall victim to phishing.

A newly launched project wants to help inform IT security representatives and domain owners when their users fall victim to phishing.

Named ‘I got phished’ and coming from malicious activity monitoring site abuse.ch, the project collects information on users who became victims of phishing by entering their credentials on a phishing website.

“The purpose of the project is to notify security representatives such as CERTs, CSIRTs, SOCs but also domain owners about potential phishing victims within their constituency,” the service’s maintainer explains.

The data is not generated by ‘I got phished’ or by abuse.ch, but comes from third-party, trusted IT security researchers. Thus, the project is not interested in how the data was procured or its accuracy.

As part of the project, only the email addresses of the victims that got phished are stored, as they are needed to notify the service’s users about the compromise.

‘I got phished’ does not store passwords and doesn’t directly notify phishing victims either, which sets it apart from Have I Been Pwned, the service maintained by Australian cybersecurity expert Troy Hunt.

The service only accepts submissions from vetted security researchers and only sends notifications to IT security representatives and domain owners, based on the domain name.

“If you are an individual (user), it is not possible to register your email address on I got phished. I got phished reports based on the domain name and not on an individual email address,” the service’s maintainer explains.

Advertisement. Scroll to continue reading.

Security teams and domain owners can register to ‘I got phished’ to receive notifications if their corresponding domain name is present in newly added data sets. Only domain names can be registered, but not sub-domains.

The service also provides an API that vetted security researchers can use to feed data on phishing victims.

To date, ‘I got phished’ has over 2,000 registered users and information on more than 4,100 domains whose users fell victim to phishing, with 5,400 email addresses compromised in phishing attacks.

Related: Advanced “16Shop” Phishing Kit Expands Offerings

Related: Europol on Methodology Behind Successful Spear Phishing Attacks

Related: Understand More About Phishing Techniques to Reduce Your Digital Risk

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Don’t miss this Live Attack demonstration to learn how hackers operate and gain the knowledge to strengthen your defenses.

Register

Join us as we share best practices for uncovering risks and determining next steps when vetting external resources, implementing solutions, and procuring post-installation support.

Register

People on the Move

Shanta Kohli has been named CMO at Sysdig.

Cloud security firm Sysdig has appointed Sergej Epp as CISO.

F5 has appointed John Maddison as Chief Product Marketing and Technology Alliances Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.