#infosec community I've recorded the #threatactoremail from each #phishingkit for the last year & started tracking them out on @GitHub to share with you. My hope is this can somehow be used to fight the onslaught of #phishing seen daily See the list
I have 500 phishing kits so far and the data paints some interesting pictures. Such as 82% of the phishing kits I tracked use a @Gmail account to receive the stolen creds. I've also found threat actors that re-use so you can perhaps link together campaigns.
A big thank you, all the credit for the data goes to the #infosec community on twitter that hunts and finds all the evil #phishing sites such as
and everyone else in the community
If anybody knows people @Gmail , @Yandex, @Yahoo, @Zoho, @ProtonMail that care about this type of data and could perhaps help the #infosec community start streamline reporting or detection of these email accounts that receive stolen creds daily that's be sweet.
If anybody knows a better place to upload zipped up phishing kits than VT , I'd love to be sharing and archiving them somewhere the whole community has access to.
If anybody every has #phishing threat actor emails they wanted appended to this list just CC me and I'll do my best to get them added
If anybody has suggestions on better ways to do this & share w/ the community, extra data/fields to track, etc. I'm all open ears, for example if somebody wanted to build a tracker website for the community to use you'd be my hero !
Otherwise, HAPPY FRIDAY