Ben Jackson's goal is to stymie people who develop phishing sites - misleading websites designed to steal people's personal information.
Jackson, a 26-year-old developer from Massachusetts, who works for the Massachusetts Department of Public Health, is spending his spare time on a web-based application called Crows Nest. It's designed to alert users when newly-registered domain names that are likely to be used as phishing sites go live on the internet.
"I just want to get these [phishing] sites down," said Jackson, who has a website, Mayhemic Labs.
Right now, Crows Nest is still under development as Jackson refines its features. But when it's complete, Crows Nest could be a clever weapon in the fight against phishing.
A phishy-looking domain such as "www.ebay-customer-survey.com" might be registered for weeks before it ever goes live. Jackson has engineered Crows Nest to use reports from Name Intelligence's Mark Alert, a paid service that sends email notifications when a new domain name is registered that contains certain keywords.
Jackson let PC Advisor’s partner IDG News Service have a sneak preview of Crows Nest, which is accessible through a web browser.
Crows Nest uses tabs to group domain names with certain keywords. It also ranks them in the order of their likelihood of being a phishing site. It checks the domain names using a Perl script every six hours to see if the site has gone live and notes the last time a check was performed. Other tools include a one-click lookup of the domain in the Whois directory and the name of its registrar.
Jackson acknowledges that Crows Nest isn't perfect, as the application doesn't directly stop a phishing site from going live. But "basically the goal of this is to try to catch the phishing site before it actually goes live or just after it goes lives so there are no credentials lost”, he said.
It's possible for hosting providers to never let a phishy site go live, Jackson said. But when one is activated, it's a race between the phishers and security analysts. The phishers want to trick people into visiting the site and divulging their details, such as log-ins and passwords. Website watchers race to contact the hosting service to shut the phishing site down.
"The harder we make it for these people who are doing these things, the happier I'll be," Jackson said.