Fed Up With Phishing? Anti-Phishing Toolbar Launched
Fed Up With Phishing? Anti-Phishing Toolbar Launched
Dec. 30, 2004 12:00 AM
A new weapon against phishing has just been launched: The Netcraft Toolbar.
It happily coexists with Google and other toolbars, says UK company Netcraft, and uses Netcraft's enormous databases of Web site information to show users all the attributes of each site they visit on the Web, including the site's hosting location, country, longevity and popularity.
It also mobilizes the Netcraft community into a giant "neighbourhood watch" scheme to empower the most alert and experienced members to protect the vulnerable against fraud and phishing attacks.
Toolbar features, says Netcraft, include:
Clear display of sites' hosting location at all times helps you validate fraudulent urls (e.g. the main online banking site of a large US bank is unlikely to be hosted in the former Soviet Union).
Once you report a phishing URL, it is blocked for other community members subsequently accessing it. The leverage of widely disseminated attacks (people constructing phishing attacks send literally millions of electronic mails in the expectation that some will reach customers of the bank) is utilized to expedite blocking of the fraud site.
Natively traps cross site scripting and other suspicious urls containing characters which have no common purpose other than to deceive.
Netcraft supervisor validation is used to contain the impact of any false reporting of urls.
Display of browser navigational controls (toolbar and address bar) in all windows, to defend against pop up windows which attempt to hide the navigational controls to disguise location.
It runs on Internet Explorer on Windows 2000/XP or later. Anyone downloading it is welcome to use the feedback form below to report to other readers how well they think it works.
Reader Feedback: Page 1 of 1
update commented on 30 Dec 2004
Currently the toolbar is only available for IE but a Firefox version *is* under development.
gujo-odori commented on 30 Dec 2004
Usually, phishing also involves cracking a server somewhere. I'm in the email security business, so I feel almost as close as family to hundreds of wealthy but desperate Nigerians (who don't get to deliver much mail on the networks I protect) and loads of phishers (who don't get to deliver much more mail than the Nigerians).
In almost all cases, the link in the phishing mail leads to a compromised host. Phishers (most of them, anyway) aren't dumb enough to put the phishing site on a host that's actually theirs. Usually, it's all too obvious that the rightful admin of the host in question is utterly clueless that he/she has been owned.
The solution is simple commented on 30 Dec 2004
Just say no to HTML email. people!
That will stop 'standard' HTML phishers cold!
It may 'eliminate' phishing as there is no HTML to hide the bogus URL behind the onscreen 'good' one.
G4from128k commented on 30 Dec 2004
The rise of phishing just shows how broken the current internet and e-mail system is. In a age in which worms and scammers can gather address books, fake headers, copy websites of legitimate businesses, hijack browsers, create zombies, and log keystrokes, no e-mail (or even web page) can be presumed to be legitimate no matter who it comes from or how you got it.
This problem saddens me greatly because it ruins the promise of global communications. Rather than a utopian information paradise for everyone, we seem to allowing the creation of a back alley in which few dare to tread.
If e-mail and the internet are ever to become truly useful, they must become simply trustworthy (as in simple to trust). Consumers (i.e. non-geeks) must be able to trust incoming emails or email is useless. Consumers must be able to trust webpages and their computers or these tools become useless.
SoerenT commented on 30 Dec 2004
Here in Denmark, I have yet to see a bank that sends out email at all.
I am doing online banking with the two biggest banks "Nordea" and "Danske Bank", and none of them send out email. They only communicate electronically with the costumer through the online bank, so you need to log in to your home banking system to communicate with the bank.
If this was the case on a global scale and people were aware of it, these scam mails might be a smaller problem.
commented on 30 Dec 2004
I received a very well done paypal phish recently. It was sent to my paypal email address (different from my ebay address and never used for anything else).
There was a link that claimed to go to:
But mousing over revealed that it actually went to:
Note the com-ogi-bin.tk rather than com/cgi-bin
IE...euugh commented on 30 Dec 2004
>>>>>It runs on Internet Explorer on Windows 2000/XP or later<<<<
Ironic that it runs on the one browser that no one wants to use any more. C'mon Netcraft, let's see this for firefox, a.s.a.p. please
Subscribe to the World's Most Powerful Newsletters
A valuable conference experience generates new contacts, sales leads, potential strategic partners a...
Jun. 25, 2018 01:00 AM EDT Reads: 4,643
Containers and Kubernetes allow for code portability across on-premise VMs, bare metal, or multiple ...
Jun. 24, 2018 10:30 PM EDT Reads: 2,486
Everyone wants the rainbow - reduced IT costs, scalability, continuity, flexibility, manageability, ...
Jun. 24, 2018 07:45 PM EDT
SYS-CON Events announced today that Silicon India has been named “Media Sponsor” of SYS-CON's 21st I...
Jun. 24, 2018 06:30 PM EDT Reads: 5,436
We are seeing a major migration of enterprises applications to the cloud. As cloud and business use ...
Jun. 24, 2018 06:15 PM EDT Reads: 2,223
SYS-CON Events announced today that CrowdReviews.com has been named “Media Sponsor” of SYS-CON's 22n...
Jun. 24, 2018 06:00 PM EDT Reads: 4,336
Founded in 2000, Chetu Inc. is a global provider of customized software development solutions and IT...
Jun. 24, 2018 06:00 PM EDT Reads: 3,178
DXWorldEXPO LLC announced today that "IoT Now" was named media sponsor of CloudEXPO | DXWorldEXPO 20...
Jun. 24, 2018 05:45 PM EDT Reads: 2,666
Andi Mann, Chief Technology Advocate at Splunk, is an accomplished digital business executive with e...
Jun. 24, 2018 02:15 PM EDT Reads: 3,220
Most DevOps journeys involve several phases of maturity. Research shows that the inflection point wh...
Jun. 24, 2018 01:30 PM EDT Reads: 5,209
DXWorldEXPO LLC announced today that ICOHOLDER named "Media Sponsor" of Miami Blockchain Event by Fi...
Jun. 24, 2018 12:15 PM EDT Reads: 2,941
Today, we have more data to manage than ever. We also have better algorithms that help us access our...
Jun. 24, 2018 12:15 PM EDT
DXWordEXPO New York 2018, colocated with CloudEXPO New York 2018 will be held November 11-13, 2018, ...
Jun. 24, 2018 11:30 AM EDT Reads: 8,067
@DevOpsSummit at Cloud Expo, taking place November 12-13 in New York City, NY, is co-located with 22...
Jun. 24, 2018 11:15 AM EDT Reads: 3,006
Bill Schmarzo, author of "Big Data: Understanding How Data Powers Big Business" and "Big Data MBA: D...
Jun. 24, 2018 11:15 AM EDT Reads: 1,509
DevOpsSummit New York 2018, colocated with CloudEXPO | DXWorldEXPO New York 2018 will be held Novemb...
Jun. 24, 2018 11:15 AM EDT Reads: 2,640
CI/CD is conceptually straightforward, yet often technically intricate to implement since it require...
Jun. 24, 2018 09:30 AM EDT Reads: 2,878
The now mainstream platform changes stemming from the first Internet boom brought many changes but d...
Jun. 24, 2018 09:00 AM EDT Reads: 6,611
Bill Schmarzo, Tech Chair of "Big Data | Analytics" of upcoming CloudEXPO | DXWorldEXPO New York (No...
Jun. 24, 2018 08:45 AM EDT Reads: 2,278
CloudEXPO New York 2018, colocated with DXWorldEXPO New York 2018 will be held November 11-13, 2018,...
Jun. 24, 2018 08:30 AM EDT Reads: 3,779