We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,258 News Articles

New technology to fight phishing

Security firms outmanoeuvre fraudsters

Security companies are developing new ways to keep the public informed about fraudulent websites and cut down on scams.

These initiatives are designed to fight phishing by providing helpful data to ISPs, email security firms and antimalware vendors whose products are designed to protect their customers from cybercrime.

Meanwhile, the fight against phishing also is playing out on the desktop, as tools to keep web users from visiting fraudulent sites become more prominent. For example, the next version of Internet Explorer will include the Phishing Filter, designed to warn users if they visit a fraudulent website, according to Microsoft officials. The next version of the Firefox browser is expected to have a similar feature.

Yet by the time these upgrades are widely adopted, phishers will have found ways around the blocking mechanisms, one analyst says.

"Phishing attacks as we know them will go away, but I'm sure [phishers] will come up with something else," says Avivah Litan, a vice president at Gartner.

"I think it's spy vs. spy," echoes Todd Bransford, vice president of marketing with antiphishing vendor Cyveillance. "We see more variants of phishing as the bad guys get more creative and come up with new ways to circumvent security…they're just different enough so that they're not recognised by the security efforts."

Among the new initiatives designed to fight phishing is an offering from Cyveillance, whose service is used by financial institutions, online retailers and other companies to protect their brand on the web. Last week the company announced it will make its data regarding phishing sites available for reuse by other vendors.

The OEM Content Program is designed for ISPs and security companies that need to block users from phishing sites, Bransford says. This phishing data from Cyveillance is used by AOL and Microsoft.

The company's crawlers and agents constantly scour the web for misuse of its clients' brands, and often discover fraudulent sites. With the new offering, Cyveillance will make this information available to companies that interact directly with users to help protect them from these sites.

Furthermore, Tipping Point, a division of 3Com, plans to announce a Firefox browser add-in designed provide instant information about the website the user is visiting for. Called Monkeyspaw and based on open-source code, the tool aims to help security professionals analyse and report fraudulent sites, says Tod Beardsley, lead counterfraud engineer with Tipping Point.

The tool also can be used to report a fraudulent site to CastleCops' Phishing Incident Reporting and Termination Squad, which takes down phishing sites.

IDG UK Sites

Android M Developer Preview announced at Google I/O: Android M UK release date and new features. Wh?......

IDG UK Sites

Why I think the Apple Watch sucks and you'd be mad to buy it

IDG UK Sites

Ben & Holly's Game of Thrones titles spoof is delightfully silly

IDG UK Sites

Mac OS X 10.11 release date rumours: all the new features expected in Yosemite successor