Project avatar for Phish Finders

Phish Finders

Finished! Looks like this project is out of data at the moment!

See Results

We've updated our Results page! Click on About and take a look at how you've helped Phish Finders learn more about cybercrime!

Research

WHAT IS PHISHING?

Phishing is a type of web-based attack where bad actors, such as criminal conglomerates, intelligence agencies, or devious individuals, trick people into sending sensitive private information or clicking malicious links that install malware on their computers. Millions of people have been victimized in the past few years by phishing attacks. Despite increasing attack rates and sophistication, most people think “this will never happen to me”.

The image below shows you the basics of a how one of the phishing attacks we're studying works. The images you will be classifying are typically found in this type of phishing attack.


Image courtesy of DataProof 4/01/2018

PHISHING BY THE NUMBERS

According to a recent Google study, the most sophisticated phishing websites prove about half (45%) of those people wrong. Even average, less sophisticated sites convince more than 1 in 10 (13.7%) of visitors to give away personal information or login credentials.

Approximately 14.25 billion phishing emails make it through spam filters every year (out of 140 billion sent), 7 billion are opened and, in the end, 70 million people globally (191,000 daily) report being victimized.

Moreover, the 2019 Verizon Data Breach Report indicated that more than 90% of all successful breaches occurred as a result of a phishing attack. The image below shows you where the hack came from and what they used to break in.

HOW CAN YOU HELP?

Malicious web content takes on a variety of forms including targeted and untargeted phishing emails, social media posts, and websites that emulate the look and feel of legitimate sites. As a cornerstone of multi-billion-dollar profiteering schemes and state-based efforts influencing foreign political processes, phishing is on the rise and increasingly damaging. While human-centered research has been more focused on phishing victimization, research into prevention has struggled to keep up.

Platforms like Zooniverse can provide us with the tools for combating phishing, but we lack sufficient labeled training content to develop systems that help people learn to identify phishing. Right now, we have very little information about people's behaviors when interacting with phishing content and we are relying too heavily on expert observations for developing effective training tools.

Crowdsourcing, like what we're doing on Zooniverse, can offer us a potential solution for labeling content that can be used to train others to recognize and avoid phishing. Lots of eyes on a few images can make a huge difference!

That's why we need your help!