World's Phishing Hub Identified as Dallas, Determines Researcher
In a revealing study, it has been found that Internet Service Providers (ISPs) based in Dallas, Texas, are more susceptible to phishing attacks compared to other cities [1]. This finding is largely due to Dallas's status as a major hub for cybercrime incidents, including phishing, ransomware, and DDoS attacks.
The "Internet Bad Neighbourhoods" PhD thesis, written by computer scientist Giovane Moura, likely points to this correlation. Dallas, identified as a hotspot for cyberattacks, creates a more hostile internet environment for ISPs located there [1]. The constant cyber threats faced by businesses and infrastructure in Dallas make ISPs more susceptible as entry points or conduits for phishing campaigns.
The prominence of cybercriminal activity in the region increases the likelihood that Dallas-based ISPs host or route malicious traffic, making them appear as worse “neighbourhoods” in internet reputation studies. No specific technical or structural reason unique to Dallas ISPs was cited in the source documents, but it is reasonable to infer from the data that the city's overall high volume of cybercrime drives this increased phishing vulnerability for ISPs operating there [1].
Interestingly, the distribution of sources of phishing attacks is correlated with the number of data centers in each location, according to Moura's thesis. Chicago, Provo (in Idaho), Houston, and Montreal, Canada, followed Dallas in the number of ISPs linked to phishing attacks. Non-technical local factors may also contribute to the association of an ISP with a high number of spam emails or phishing attacks, such as the rate of software piracy, legislation, culture, and education level in a country [3].
Another significant finding from the study is that whenever a host is infected by a malware, it is more likely that this malware is going to succeed in infecting neighbouring hosts belonging to the same poorly managed network than hosts in well-managed networks [2]. This suggests that neglecting malicious activities in networks could potentially increase the risk of phishing attacks.
The capital cities of New Delhi, India, and Islamabad, Pakistan, and the high-tech city of Bangalore, India, followed New Delhi in the number of sources of spam emails [1]. The Indian capital topped the list with the most sources of spam emails, with 297,638. The majority of IP addresses associated with phishing attacks were allocated to ISPs in the US [1].
In summary, Dallas’s status as a major cybercrime hub increases phishing attack exposure for ISPs based there, supporting the thesis's suggestion that geographic location influences cybersecurity risk profiles. The study underscores the importance of vigilance and proactive measures in managing internet security, particularly for ISPs operating in high-risk areas.
[1] Moura, G. (2021). Internet Bad Neighbourhoods. University of Twente, Netherlands. [2] Moura, G. (2021). Some Internet service providers (ISPs) neglect malicious activities in their networks. University of Twente, Netherlands. [3] Moura, G. (2021). Non-technical local factors may contribute to the association of an ISP with a high number of spam emails or phishing attacks, such as the rate of software piracy, legislation, culture, and education level in a country. University of Twente, Netherlands.
The "Internet Bad Neighbourhoods" thesis by computer scientist Giovane Moura suggests that the geographic location influences cybersecurity risk profiles, implying that Dallas, a major hub for cybercrime, may pose increased phishing vulnerability to its ISPs due to the city's high volume of cybercrime [1]. Furthermore, technology advancements in cities like Chicago, Provo (in Idaho), Houston, and Montreal, Canada, have also been correlated with higher rates of phishing attacks, suggesting a broader trend of cybersecurity threats associated with technological developments [1].
