PIRT

From CastleCopsWiki

Jump to: navigation, search

Contents

Phishing Incident Reporting and Termination Squad

This will be a community at CastleCops solely dedicated to taking down phishing sites. It’s the first public takedown community we know of, and we hope to start nailing these sites as quickly as possible. The tool has been written by CastleCops.

Join PIRT

Being on the PIRT squad helps shut down phishing sites, and you can volunteer in this global event in any of the following ways:

  • Submit new phishing scams for takedown
  • Generate reports from new phish submissions
  • Contact the appropriate authorities for phish termination

Since PIRT handling - just like MIRT and SIRT - involves preparing evidence for Law Enforcement, there will necessarily be a process of "vetting" to ensure you are genuine in your desire to help prevent the criminal aspects of spamming. Once your credentials have been checked, you will be enrolled as a volunteer, and the education materials will be made available to you.

Submit Phish

A new PIRT Squad member starts by submitting new phishing scams into our Fried Phish tool. Currently there are three ways to submit new phish scams:

  • Copy/paste the email source into Fried Phish (How To FAQ)
  • Copy/paste the phish URL into the tool (How to FAQ)
  • Foward the email to {pirt (AT) castlecops (DOT) com}.

Further reading on reporting phishing scams is found here.

Handlers

The PIRT Squad is looking to have around 50 Handlers reviewing new submissions on a 24/7 global basis. Upon verifying all submissions, reports will be generated and emails sent out to the appropriate authorities, and in some cases phone calls be made.

This is the phase of involvement that reaches out for phish termination as quickly as possible. If you are interested in being involved on this level, training will be provided in order to become a PIRT Squad Handler.

Post your interest to become a handler here.

Global Teamwork

Once phish are confirmed, emails will be sent to various anti-phishing toolbar companies with copies of the full reports, including various other researchers and enforcement communities. This way PIRT not only works on shutting down the phish by contacting the appropriate ISPs, but we also help consumers who use antiphishing toolbars with our reports. All our reports are also copied to the company that is being phished as well as the APWG and other antiphishing groups.

PIRT believes in shutting down phish immediately. We attack scams from every angle.

Communicate with other PIRT Squad Members

A community forum has been created for the PIRT volunteers. Here you can read and reply with other phishing terminators.

Sign up in the forum today.

Funding

PIRT is funded solely by CastleCops. PIRT resides on CastleCops servers and bandwidth. The handlers are all vetted volunteers from the professional community. There are no paying customers of the program.

Subscription/Feeds

This week there will be an interface that will permit anyone to subscribe to new phish report confirmations. Stay tuned to this page for details.

Media/Press

Here is a list of news articles that have been written about Project PIRT with the first being a C|Net Exclusive breaking headline story:

Retrieved from "http://wiki.castlecops.com/PIRT"
Personal tools