
Fraudulent and malicious sites on the web

Applied Intelligence

Abstract

Fraudulent and malicious web sites pose a significant threat to desktop security, integrity, and privacy. This paper examines the threat from different perspectives. We harvested URLs linking to web sites from different sources and corpora, and conducted a study to examine these URLs in depth. For each URL, we extract its domain name, determine its frequency, IP address and geographic location, and check if the web site is accessible. Using 3 search engines (Google, Yahoo!, and Windows Live), we check if the domain name appears in the search results, and using McAfee SiteAdvisor, we determine the domain name’s safety rating. Our study shows that users can encounter URLs pointing to fraudulent and malicious web sites not only in spam and phishing messages but also in legitimate email messages and in the top search results returned by search engines. To provide better countermeasures against these threats, we present a proxy-based approach to dynamically block access to fraudulent and malicious web sites based on the safety ratings set by McAfee SiteAdvisor.



Corresponding author

Correspondence to Ahmed Obied.

Cite this article

Obied, A., Alhajj, R. Fraudulent and malicious sites on the web. Appl Intell 30, 112–120 (2009). https://doi.org/10.1007/s10489-007-0102-y

  • DOI: https://doi.org/10.1007/s10489-007-0102-y
