We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

New technology to fight phishing

Security firms outmanoeuvre fraudsters

Security companies are developing new ways to keep the public informed about fraudulent websites and cut down on scams.

These initiatives are designed to fight phishing by providing helpful data to ISPs, email security firms and antimalware vendors whose products are designed to protect their customers from cybercrime.

Meanwhile, the fight against phishing also is playing out on the desktop, as tools to keep web users from visiting fraudulent sites become more prominent. For example, the next version of Internet Explorer will include the Phishing Filter, designed to warn users if they visit a fraudulent website, according to Microsoft officials. The next version of the Firefox browser is expected to have a similar feature.

Yet by the time these upgrades are widely adopted, phishers will have found ways around the blocking mechanisms, one analyst says.

"Phishing attacks as we know them will go away, but I'm sure [phishers] will come up with something else," says Avivah Litan, a vice president at Gartner.

"I think it's spy vs. spy," echoes Todd Bransford, vice president of marketing with antiphishing vendor Cyveillance. "We see more variants of phishing as the bad guys get more creative and come up with new ways to circumvent security…they're just different enough so that they're not recognised by the security efforts."

Among the new initiatives designed to fight phishing is an offering from Cyveillance, whose service is used by financial institutions, online retailers and other companies to protect their brand on the web. Last week the company announced it will make its data regarding phishing sites available for reuse by other vendors.

The OEM Content Program is designed for ISPs and security companies that need to block users from phishing sites, Bransford says. This phishing data from Cyveillance is used by AOL and Microsoft.

The company's crawlers and agents constantly scour the web for misuse of its clients' brands, and often discover fraudulent sites. With the new offering, Cyveillance will make this information available to companies that interact directly with users to help protect them from these sites.

Furthermore, Tipping Point, a division of 3Com, plans to announce a Firefox browser add-in designed provide instant information about the website the user is visiting for. Called Monkeyspaw and based on open-source code, the tool aims to help security professionals analyse and report fraudulent sites, says Tod Beardsley, lead counterfraud engineer with Tipping Point.

The tool also can be used to report a fraudulent site to CastleCops' Phishing Incident Reporting and Termination Squad, which takes down phishing sites.

IDG UK Sites

Acer Aspire R11 review: Hands-on with the 360 laptop and tablet convertible

IDG UK Sites

Apple Watch release day: Twitter reacts

IDG UK Sites

See how Framestore created a shape-shifting, oil and metal based creature for Shell

IDG UK Sites

Apple Watch buying guide, price list & where to buy today: Which Apple Watch model, size, material,?......