Fed Up With Phishing? Anti-Phishing Toolbar Launched
Fed Up With Phishing? Anti-Phishing Toolbar Launched
Dec. 30, 2004 12:00 AM
A new weapon against phishing has just been launched: The Netcraft Toolbar.
It happily coexists with Google and other toolbars, says UK company Netcraft, and uses Netcraft's enormous databases of Web site information to show users all the attributes of each site they visit on the Web, including the site's hosting location, country, longevity and popularity.
It also mobilizes the Netcraft community into a giant "neighbourhood watch" scheme to empower the most alert and experienced members to protect the vulnerable against fraud and phishing attacks.
Toolbar features, says Netcraft, include:
Clear display of sites' hosting location at all times helps you validate fraudulent urls (e.g. the main online banking site of a large US bank is unlikely to be hosted in the former Soviet Union).
Once you report a phishing URL, it is blocked for other community members subsequently accessing it. The leverage of widely disseminated attacks (people constructing phishing attacks send literally millions of electronic mails in the expectation that some will reach customers of the bank) is utilized to expedite blocking of the fraud site.
Natively traps cross site scripting and other suspicious urls containing characters which have no common purpose other than to deceive.
Netcraft supervisor validation is used to contain the impact of any false reporting of urls.
Display of browser navigational controls (toolbar and address bar) in all windows, to defend against pop up windows which attempt to hide the navigational controls to disguise location.
It runs on Internet Explorer on Windows 2000/XP or later. Anyone downloading it is welcome to use the feedback form below to report to other readers how well they think it works.
Reader Feedback: Page 1 of 1
update commented on 30 Dec 2004
Currently the toolbar is only available for IE but a Firefox version *is* under development.
gujo-odori commented on 30 Dec 2004
Usually, phishing also involves cracking a server somewhere. I'm in the email security business, so I feel almost as close as family to hundreds of wealthy but desperate Nigerians (who don't get to deliver much mail on the networks I protect) and loads of phishers (who don't get to deliver much more mail than the Nigerians).
In almost all cases, the link in the phishing mail leads to a compromised host. Phishers (most of them, anyway) aren't dumb enough to put the phishing site on a host that's actually theirs. Usually, it's all too obvious that the rightful admin of the host in question is utterly clueless that he/she has been owned.
The solution is simple commented on 30 Dec 2004
Just say no to HTML email. people!
That will stop 'standard' HTML phishers cold!
It may 'eliminate' phishing as there is no HTML to hide the bogus URL behind the onscreen 'good' one.
G4from128k commented on 30 Dec 2004
The rise of phishing just shows how broken the current internet and e-mail system is. In a age in which worms and scammers can gather address books, fake headers, copy websites of legitimate businesses, hijack browsers, create zombies, and log keystrokes, no e-mail (or even web page) can be presumed to be legitimate no matter who it comes from or how you got it.
This problem saddens me greatly because it ruins the promise of global communications. Rather than a utopian information paradise for everyone, we seem to allowing the creation of a back alley in which few dare to tread.
If e-mail and the internet are ever to become truly useful, they must become simply trustworthy (as in simple to trust). Consumers (i.e. non-geeks) must be able to trust incoming emails or email is useless. Consumers must be able to trust webpages and their computers or these tools become useless.
SoerenT commented on 30 Dec 2004
Here in Denmark, I have yet to see a bank that sends out email at all.
I am doing online banking with the two biggest banks "Nordea" and "Danske Bank", and none of them send out email. They only communicate electronically with the costumer through the online bank, so you need to log in to your home banking system to communicate with the bank.
If this was the case on a global scale and people were aware of it, these scam mails might be a smaller problem.
commented on 30 Dec 2004
I received a very well done paypal phish recently. It was sent to my paypal email address (different from my ebay address and never used for anything else).
There was a link that claimed to go to:
But mousing over revealed that it actually went to:
Note the com-ogi-bin.tk rather than com/cgi-bin
IE...euugh commented on 30 Dec 2004
>>>>>It runs on Internet Explorer on Windows 2000/XP or later<<<<
Ironic that it runs on the one browser that no one wants to use any more. C'mon Netcraft, let's see this for firefox, a.s.a.p. please
Subscribe to the World's Most Powerful Newsletters
Widespread fragmentation is stalling the growth of the IIoT and making it difficult for partners to ...
Mar. 24, 2018 08:15 AM EDT Reads: 4,500
As DevOps methodologies expand their reach across the enterprise, organizations face the daunting ch...
Mar. 23, 2018 10:45 PM EDT Reads: 1,303
The standardization of container runtimes and images has sparked the creation of an almost overwhelm...
Mar. 23, 2018 08:00 PM EDT Reads: 1,959
Digital Transformation: Preparing Cloud & IoT Security for the Age of Artificial Intelligence. As au...
Mar. 23, 2018 07:15 PM EDT Reads: 1,614
DevOpsSummit New York 2018, colocated with CloudEXPO | DXWorldEXPO New York 2018 will be held Novemb...
Mar. 23, 2018 02:00 PM EDT Reads: 4,508
Cloud Expo | DXWorld Expo have announced the conference tracks for Cloud Expo 2018. Cloud Expo will ...
Mar. 23, 2018 12:30 PM EDT Reads: 7,149
DXWordEXPO New York 2018, colocated with CloudEXPO New York 2018 will be held November 11-13, 2018, ...
Mar. 23, 2018 12:30 PM EDT Reads: 6,032
DXWorldEXPO | CloudEXPO are the world's most influential, independent events where Cloud Computing w...
Mar. 23, 2018 11:45 AM EDT Reads: 2,355
@DevOpsSummit New York 2018, colocated with CloudEXPO | DXWorldEXPO New York 2018 will be held Novem...
Mar. 23, 2018 11:15 AM EDT Reads: 1,596
The dynamic nature of the cloud means that change is a constant when it comes to modern cloud-based ...
Mar. 23, 2018 09:30 AM EDT Reads: 3,623
DXWorldEXPO LLC announced today that Dez Blanchfield joined the faculty of CloudEXPO's "10-Year Anni...
Mar. 23, 2018 09:15 AM EDT Reads: 1,400
With 10 simultaneous tracks, keynotes, general sessions and targeted breakout classes, @CloudEXPO an...
Mar. 22, 2018 01:30 PM EDT Reads: 1,982
"We started a Master of Science in business analytics - that's the hot topic. We serve the business ...
Mar. 22, 2018 07:30 AM EDT Reads: 3,838
The best way to leverage your Cloud Expo presence as a sponsor and exhibitor is to plan your news an...
Mar. 21, 2018 02:30 PM EDT Reads: 2,019
As you move to the cloud, your network should be efficient, secure, and easy to manage. An enterpris...
Mar. 21, 2018 12:00 PM EDT Reads: 3,261
There is a huge demand for responsive, real-time mobile and web experiences, but current architectur...
Mar. 21, 2018 02:15 AM EDT Reads: 3,536
DXWorldEXPO LLC announced today that "Miami Blockchain Event by FinTechEXPO" has announced that its ...
Mar. 20, 2018 12:30 PM EDT Reads: 2,756
"NetApp is known as a data management leader but we do a lot more than just data management on-prem ...
Mar. 19, 2018 04:00 PM EDT Reads: 3,586
We call it DevOps but much of the time there’s a lot more discussion about the needs and concerns of...
Mar. 18, 2018 09:30 PM EDT Reads: 8,032
"Since we launched LinuxONE we learned a lot from our customers. More than anything what they respon...
Mar. 17, 2018 04:00 PM EDT Reads: 3,853