The trend of "anti" tools that combat internet threats started with antivirus software. The next programs to emerge were antispyware, and then antikeyloggers. Antihijacking tools protect your system from downloads that change your home page to a malicious site. The newest class of "anti" software aims to save you from an epidemic of internet scammers.
In September, GeoTrust's TrustWatch and Webroot Software's Phish Net join a handful of new antiphishing programs. Already available are EarthLink's ScamBlocker and CoreStreet's SpoofStick. They all aim to shield you from scammers online.
Phishing scams try to con people out of personal information such as credit card numbers and bank security codes. Phishers defraud their victims by setting up websites designed to resemble those run by legitimate companies. Then they lure people to those fake sites via email that pretends to be from major e-commerce firms, such as EBay, credit cards or online banking services. The fake Web sites ask victims to "confirm" personal and account information, and then the “phishers” them off.
These scams have been around for years, but they're growing in volume. The number of new phishing attacks reported rose by an average of 50 percent each month in the first six months of this year, according to the Anti-Phishing Working Group, which monitors such attacks.
Fortunately, you can fight back against phishers. Being released on September 22 is Phish Net, a free download from Webroot Software that works by guarding your personal information. Phish Net collects your personal data - including user names, passwords and bank account - then encrypts the information and stores it on your PC. Then, it monitors the websites you visit. Lastly, it monitors your keystrokes when you are online.
If you get a fake email from someone who claims to represent your bank and you mistakenly visit the phishing website, Phish Net can protect you. Once you start typing in your user name, Phish Net delivers an alert message to your desktop warning you that you're sharing sensitive information with an unknown website that could be trying to trick you.
Phish Net also relies on a blacklist of known phishing sites that is updated regularly. If you visit one of the blacklisted sites, the software warns you via a pop-up alert. The program also features a feedback option so you can easily report a suspicious site.
Webroot representatives emphasise that all your personal data and any information that Phish Net collects never leaves your own hard drive. Phish Net software is compatible with Microsoft Internet Explorer 5.5 and later versions.
On September 13, GeoTrust announced a free antiphishing toolbar called TrustWatch that works with IE 5.x and later releases.
TrustWatch monitors all the websites you visit. It rates the sites and displays a green, yellow, or red graphic of a light on its toolbar, connoting the safety level. Green means the site you're visiting is verified as safe. Yellow means the site is unknown to TrustWatch, and it urges you to use caution when providing information. If a red light appears, the site is on a TrustWatch blacklist of phisher sites.
TrustWatch grants sites a green light after verifying whether the site uses Secure Sockets Layer technology. SSL is an Internet protocol used for sharing sensitive information between a user and a website. TrustWatch checks whether the SSL certificate is signed by a reputable SSL authority, GeoTrust itself among them.
A yellow light appears when a site lacks a valid SSL certificate or if the site contains key phishing attributes. For example, a site might generate a yellow light if its page prominently displays words like EBay and contains phrases like credit card.
Both TrustWatch and Phish Net use antiphishing technologies that differ from those used by the earlier CoreStreet and EarthLink tools.