The Phishing Incident Reporting and Termination (PIRT) Squad, which has been formed by CastleCops and Sunbelt Software, is based on a community at CastleCops solely dedicated to taking down phishing sites. This community consists of unpaid volunteer members who report new phishing scams as well as security researchers ("handlers") that handle incoming reports of phishing websites and are responsible for performing immediate action to terminate the criminal activity.
The PIRT Squad aims to work as a complement to existing organizations such as the Anti-Phishing Working Group (APWG). It creators said that the primary difference between PIRT and other organizations is that PIRT is focused "solely on aggressively terminating phishing sites." PIRT will work with other security organizations and, if necessary, law enforcement, to provide information for security and forensic analysis, the firms added.
"The reason this group was formed is to give consumers direct access to a dedicated task force that will take immediate and aggressive action to shutting down phishing sites," said Paul Laudanski, president of CastleCops.
"While there is a very active professional security community performing outstanding research and forensics on phishing sites, it's our experience that many of these phishing sites themselves aren't immediately reported to the ISP, or in the case of compromised sites, to the domain owner. This effort adds one more layer to the fight against phishing, making it increasingly more difficult for the criminals to perpetrate their scams on innocent users," added Alex Eckelberry, president of Sunbelt Software.
Based on its own research, PIRT estimates that the success rate in shutting down a phishing site will be between 40 percent and 50 percent of the sites identified. However, the organization believes that this number is expected to increase as it matures.
Operationally PIRT Handlers will use all available avenues to rapidly shut down phishing sites. These include working with domain owners who have been compromised, contacting ISPs and, if necessary, working with law enforcement.