In September Symantec will release a beta version of a security product that is specifically designed to protect against phishing, the company said today.
The software, Norton Confidential, will detect when a website or malicious program is trying to swipe a user name or password, Symantec said.
A phishing attack usually involves a link sent by email or IM (instant message) that leads to a web page constructed to appear legitimate. The web page often asks for sensitive data such as bank details, information that can be used for an identity theft scheme or other online fraud.
The software is one of many products under development by security and software vendors intended to stop phishing attempts. The Anti-Phishing Working Group, a consortium of companies and researchers, noted a record 20,109 unique phishing attacks in May.
Norton Confidential scans websites visited by a user for fraudulent or suspicious activity. The software compares a website against lists of fraudulent ones.
Norton Confidential will also generate warnings for pages that function like known fraudulent sites. Most phishing sites are taken down by ISPs within a few hours or days, but a window of attack remains in the interim.
The software can also scan computers for Trojans, applications that purport to be harmless but have malicious functions, such as recording keystrokes or downloading other bad programs.
Norton Confidential will verify sites' authenticity using SSL (secure sockets layer) encryption technology, Symantec said. Hackers have found a variety of ways to fake a site with SSL, by methods such as manipulating graphics or exploiting browser flaws.
The software is capable of encrypting stored passwords and prompting when credentials are sent to unknown or unauthorised sites, Symantec said.
Symantec will offer a version in October for Apple's Mac OS (operating system) that is similar to the one for Microsoft's Windows XP OS. Pricing will be released later, the company said.