Applied Intelligence

, Volume 30, Issue 2, pp 112–120 | Cite as

Fraudulent and malicious sites on the web



Fraudulent and malicious web sites pose a significant threat to desktop security, integrity, and privacy. This paper examines the threat from different perspectives. We harvested URLs linking to web sites from different sources and corpora, and conducted a study to examine these URLs in-depth. For each URL, we extract its domain name, determine its frequency, IP address and geographic location, and check if the web site is accessible. Using 3 search engines (Google, Yahoo!, and Windows Live), we check if the domain name appears in the search results; and using McAfee SiteAdvisor, we determine the domain name’s safety rating. Our study shows that users can encounter URLs pointing to fraudulent and malicious web sites not only in spam and phishing messages but in legitimate email messages and the top search results returned by search engines. To provide better countermeasures against these threats, we present a proxy-based approach to dynamically block access to fraudulent and malicious web sites based on the safety ratings set by McAfee SiteAdvisor.


Fraudulent Malicious Web Phishing Pharming Malware Spam Search engines Crawlers Proxy 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    2006 TREC Public Spam Corpora.
  2. 2.
    America Online and the National Cyber Security Alliance. AOL/NCSA online safety study., December 2005
  3. 3.
  4. 4.
  5. 5.
  6. 6.
  7. 7.
    McAfee. Phishing and pharming: understanding phishing and pharming., January 2006
  8. 8.
    McAfee SiteAdvisor.
  9. 9.
  10. 10.
  11. 11.
  12. 12.
    Symantec Corporation. The Symantec Internet security threat report., September 2006
  13. 13.
    Webroot Software, Inc. Automated threat research.
  14. 14.
    Windows Live.
  15. 15.
  16. 16.
    Bragin T (2007) Measurement study of the web through a spam lens. Technical Report TR-2007-02-01, University of Washington, Computer Science and Engineering Google Scholar
  17. 17.
    Clayton R (2005) Insecure real-world authentication protocols (or why phishing is so profitable). In: 13th international workshop on security protocols, Cambridge, UK Google Scholar
  18. 18.
    Dhamija R, Tygar J, Hearst M (2006) Why phishing works. In: Proceedings of the SIGCHI conference on human factors in computer systems Google Scholar
  19. 19.
    Jagatic T, Johnoson N, Jakobsson M, Menczer F (2007) Social phishing. Commun ACM, to appear Google Scholar
  20. 20.
    Moore T, Clayton R (2007) An empirical analysis of the current state of phishing attack and defense. In: 6th workshop on the economics of information security Google Scholar
  21. 21.
    Moshchuk A, Bargin T, Gribble S, Levy H (2006) A crawler-based study of spyware on the web. In: Proceedings of the Internet society network and distributed system security symposium (NDSS) Google Scholar
  22. 22.
    Stamm S, Ramzan Z, Jakobsson M (2006) Drive-by pharming. Technical Report TR641, Indiana University, Department of Computer Science Google Scholar
  23. 23.
    Wang Y, Beck D, Jiang X, Roussev R, Verbowski C, Chen S, King S (2005) Automated web patrol with strider HoneyMonkeys: finding web sites that exploit browser vulnerabilities. In: Proceedings of the 14th USENIX security symposium Google Scholar
  24. 24.
    Wessels D (2004) Squid: the definitive guide. O’Reilly and Associates Google Scholar
  25. 25.
    Wu M, Miller R, Garfinkel S (2006) Do security toolbars actually prevent phishing attacks. In: Proceedings of the SIGCHI conference on human factors in computer systems Google Scholar
  26. 26.
    Zhang Y, Egelman S, Cranor L, Hong J (2007) Phinding phish: evaluating anti-phishing tools. In: Proceedings of the 14th annual network and distributed system security symposium (NDSS 2007) Google Scholar

Copyright information

© Springer Science+Business Media, LLC 2007

Authors and Affiliations

  1. 1.Department of Computer ScienceUniversity of CalgaryCalgaryCanada
  2. 2.Department of Computer ScienceGlobal UniversityBeirutLebanon

Personalised recommendations