Rods with Laser Beams: Understanding Browser Fingerprinting on Phishing Pages

3 Oct

Iskander Sanchez-Rola, Director of Privacy Innovation at Gen

External Presentation (External Speaker)

Phishing is one of the most common forms of social engineering attacks and is regularly used by criminals to compromise millions of accounts every year. Numerous solutions have been proposed to detect or prevent identity thefts, but phishers have responded by improving their methods and adopting more sophisticated techniques. One of the most recent advancements is the use of browser fingerprinting. In particular, fingerprinting techniques can be used as an additional piece of information that complements the stolen credentials This is confirmed by the fact that credentials with fingerprint data are sold for higher prices in underground markets.

To understand the real extent of this phenomenon, we conducted the largest study of the phishing ecosystem in the topic by analyzing more than 1.7M recent phishing pages that emerged over the course of 21 months. In our systematic study, we performed detailed measurements to estimate the prevalence of fingerprinting techniques in phishing pages.

We found that more than one in four phishing pages adopt some form of fingerprinting. This seems an ever growing trend as the percentage of pages using these techniques steadily increased during the analysis period (last month doubling what detected in the first month).

About Iskander Sanchez-Rola

Iskander Sanchez-Rola, Director of Privacy Innovation at Gen. Working on shaping the next generation solutions on internet security and privacy. Multiple products that started as personal projects, are now helping stop billions of cyber threats. More information about him can be found on his personal website:

Gen (formerly known as NortonLifeLock and Symantec) is a global company powering Digital Freedom through consumer brands including Norton, Avast, LifeLock, Avira, AVG, ReputationDefender, and CCleaner.

This event will be conducted in English

  • Location: MR-1S1 [Torres] & MR-1S3 [Quevedo], IMDEA Networks Institute, Avda. del Mar Mediterráneo 22, 28918 Leganés – Madrid
  • Organization: IMDEA Networks Institute; NETCOM Research Group (Telematics Engineering Department, UC3M)
  • Time: 13:00
  • Add to Calendar: iCalendar Outlook Google