Antiphishing filters basically work eitheron block listing or on heuristics. "Rock phish" attacks are quite arecent phenomenon that has posed a major challenge to both of the abovementioned antiphishing filters, simply because the unique structure ofa Rock phish attack circumvents antiphishing filters. This phishingtechnique can be traced back to somewhere around August 2006. The URLstructure was comparatively simpler then, consisting of a randomizedroot domain and three sub folders. But the principle cause in therecent surge in the number of such attacks is traced to the botnetphenomenon. So, what then is so special about Rock phish? Well, thistechnique has a trademark method of striking naïve targets.
The URLs that navigate to the fraudulent Web sites have a uniquestructure. For example, the structure of this URL is Rock phishingspecific: http://www.xxx.xxx.user123990.com/login/challange/2b593cba/login.php.As a matter of fact,...
