Castlecops And Sunbelt Software Announce Anti-phishing Task Force (pirt)

Recommended Posts

CLEARWATER, Fla.--(BUSINESS WIRE)--March 27, 2006--CastleCops, a globally oriented security and privacy site, and Sunbelt Software, a leading provider of Windows security software, announced today a new anti-phishing task force designed to help consumers and businesses combat the unending scourge of phishing scams and online identity theft.

The task force, called the Phishing Incident Reporting and Termination (PIRT) Squad, is a community at CastleCops solely dedicated to taking down phishing sites. The community consists of members who report new phishing scams as well as highly experienced security researchers ("handlers") that handle incoming reports of phishing websites and are responsible for performing immediate action to terminate the criminal activity.

The PIRT Squad works as a complement to existing organizations such as the Anti-Phishing Working Group (APWG). The primary difference between PIRT and other organizations is that PIRT is focused solely on aggressively terminating phishing sites. PIRT will work with other security organizations and, if necessary, law enforcement, to provide information for security and forensic analysis.

"The reason this group was formed is to give consumers direct access to a dedicated task force that will take immediate and aggressive action to shutting down phishing sites," said Paul Laudanski, president of CastleCops.

"While there is a very active professional security community performing outstanding research and forensics on phishing sites, it's our experience that many of these phishing sites themselves aren't immediately reported to the ISP, or in the case of compromised sites, to the domain owner. This effort adds one more layer to the fight against phishing, making it increasingly more difficult for the criminals to perpetrate their scams on innocent users," said Alex Eckelberry, president of Sunbelt Software.

What types of sites host phishing scams?

Most phishing sites are run on innocent websites that have been compromised. Others are run on servers at legitimate web hosting or freehosting sites. In some cases, phishing sites are run on servers managed by questionable ISPs.

Isn't it impossible to get many of these sites shut down?

Getting sites shut down is not impossible. However, it can be challenging, and in many cases, requires a deft combination of science and art, especially when a site is hosted in Eastern European or Asian countries. Based on its research, PIRT estimates that the success rate in shutting down a phishing site will be between 40%-50% of the sites identified. However, this number is expected to increase as the organization matures.

How will PIRT get phishing sites shut down?

PIRT Handlers will use all available avenues to rapidly shut down phishing sites. These include working with domain owners who have been compromised, contacting ISPs and, if necessary, working with law enforcement.

How are Handlers trained?

Handlers are trained by other CastleCops handlers in how to identify and shutdown phishing sites.

Are PIRT members paid?

PIRT is run completely by volunteers.

How does someone report a phish to PIRT?

Users can go to to submit a phish through a web-based system, or by email to [email protected].

How do people learn more or become members of the PIRT squad?

Go to We encourage as many people as possible to join.

Full Article Here

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.