By the end of summer 2022, the system for monitoring phishing sites will go into commercial operation, and the form of communication with citizens will become available on the State Services portal. This was reported to CNews by representatives of the Ministry of Digital Development.
The system draws on a variety of sources, including several Russian phishing data providers that add an average of 1,100 records to the database daily. Of these, operators select about 150-200 sites and, if the site falls under the phishing criteria, it is sent for blocking / partitioning, and the rest is monitored to block when phishing is confirmed. Now there are 12 thousand sites under monitoring.
The system receives information about 25 million certificates per day, which go through several stages of selection: only about 9-10 million pass preliminary selection; the second set of criteria: site pages in Russian, correspondence between the language and domain zones, the hosting country of the site. More than 1 million certificates pass it; at the third stage, the information on the pages and headings is analyzed: keywords and expressions.
During the day, the system operator receives about 900 new resources, pre-selected for analysis and a decision to block or put the resource on monitoring.
Security of the most valuable: how to really protect your documents
The system receives information about new, re-registered, transferred domain names in a mode close to real time. System operators receive primary information for processing with a delay of several minutes from the moment of registration and issuance of a certificate for a domain name, if the resource meets the search criteria. To make a decision, the system operator also has access to the verification functionality of detected phishing resources using 92 external sources, including public ones. The average resource blocking time, subject to matching search criteria, is about 72 hours.
The operator of the new system is the Integral Research Institute, subordinated to the Ministry of Digital Development. The Institute has taken the initiative to launch a website where citizens can complain about phishing. The site allows the operator to work out a system of interaction with citizens on anti-phishing in order to further implement convenient forms on the State Services portal.