Phisherman: A Phishing Data Repository

Phishing is a wide spread and rapidly evolving form of electronic identity theft that attempts to gather personally identifying information from unwitting victims, often through social engineering. The "classic" phishing attack starts with a "lure" (unsolicited e-mail) that directs recipients to a fraudulent Web site that appears to be that of a well-known company, government agency, or other organization. Publishing data is collected by numerous organizations, resulting in many disjoint collections of varying quality and content. The goal of the Phisherman project is to create a single information resource available that provides ready access to ongoing and historical phishing attacks for first-responders, brand owners, researchers, and law enforcement. The challenges include rapid automated validation to cope with the increasing scale of the attacks, and privacy protection, particularly when attacks are targeted at specific individuals.