Story: exercise in futility proves futile.
Spammers have been tweaking their evasions for twenty years. Why on Earth should one suppose phishers would present a big fat static target for naive pattern-classification?
An artificially intelligent system has been demonstrated generating URLs for phishing websites that appear to evade detection by security tools. Essentially, the software can come up with URLs for webpages that masquerade as legit login pages for real websites, when in actual fact, the webpages simply collect the entered …
Why on Earth should one suppose phishers would present a big fat static target for naive pattern-classification?
I would expect exactly the opposite. Phishers achieve a small degree of success with the naive pattern-classification systems running on wetware. The more naive the system, the higher the chance of success.
BTW, is anybody interested in helping me out by setting up a joint bank account I can use to smuggle embezzled money out of Nigeria?
"We can confirm that these attacks are targeting the same brand, therefore, it is safe to
assume they are being made by the same threat actor."
Phishing kits are a thing, and they're widely available to anyone who wants them.
Just because the folder syntax is the same, doesn't mean they are the same threat actor.
Biting the hand that feeds IT © 1998–2019