The email does not rule any more in this type of attack, the method used to deceive the user final is the cache poisoning who consists in forcing DNS servers to redirect the user towards the site traps whereas this one seizes good URL. In this case it is a very targeted population which is aimed, because in fact the root servers are aimed but local servers (companies, university,...). Moreover, less and less servers remain vulnerable (original DNS), it is generally through an answer, before the true server name, that the attack is made.
Today, the average lifespan of a phishing site is 5,5 days. As comparison, this number rose at 6,4 days in November 2004 (source: apwg.com). It is thus vital to be able to react quickly to any attack.
Our experiment on domain names, and the various harmful effects which are attached there, made possible to develop powerful tools for monitoring. Namebay currently works to protect and to alert you against all types of harmful effects, having a relationship with the domain names.