HOME
BIZ TECH
DEVELOPER
DOWNLOADS
JOBS
Software | Hardware | Security | Communications | Business | Internet | Careers | White papers               
 
 
 
  NEWS
  PRODUCTS
  HOW TO
  FEATURES
  WHITE PAPERS
  CONTEST ZONE
  RESOURCE CENTER
  ISP SPEEDOMETER
   
   
Post budget, which of these you intend to buy?
GAMING EQUIPMENTS
LAPTOPS
MP3 PLAYERS
TVs
Total Clicks : 1647
A 33.7%
B 44.69%
C 12.57%
D 9.05%
   
  NEWSLETTERS
 
Biz Tech
Personal Tech
Tech Roundup
   
 
  SUBSCRIBE
   
   
ZDNetIndia

Alert sounds alarm on phishing imposters

Joris Evers, CNET News.com,
March 29, 2006
A new online service promises to send an e-mail alert when a Web site is copied and possibly used in a phishing scam.

The free service, dubbed PhishRegistry.org, is run by e-mail security company CipherTrust. Web site owners can use the service to monitor abuse of their brand, while consumers can submit URLs they use, such as a bank Web site, to the list of those monitored, CipherTrust said in a statement Tuesday.

The Web addresses are submitted via forms on the PhishRegistry Web site. The system then analyzes the legitimate site using CipherTrust's "Phisherprinting" technology, the company said. The technology essentially creates a "fingerprint" of the genuine pages using source code, images and text as markers.

After that, the system scans the Web and when it comes across a site, determines whether it is authentic by comparing the markers. It sends out an alert when attempts to duplicate the legitimate site have been detected. Site owners will receive weekly reports with information about suspect Web sites, the company said.

Phishing is a prevalent type of online scam in which attackers attempt to dupe Internet users into giving up sensitive data such as user names, passwords and credit card details. The attacks typically combine spam e-mail and fraudulent Web pages that look like legitimate sites.

A common method used to combat phishing is to blacklist known bad sites and to then prevent access to them.

"Blocking does not solve the problem. It's just a temporary fix," Paul Judge, chief technology officer at CipherTrust, said Tuesday at a spam event hosted by the Massachusetts Institute of Technology. "Our main purpose is to give ammo to the companies being phished so that they can go and perform take-downs of the phishing sites."

The CipherTrust announcement comes on the heels of another effort to help fight phishing. On Monday, Sunbelt Software and online security community CastleCops launched the Phishing Incident Reporting and Termination squad, a volunteer effort to take down phishing Web sites.

Despite industry efforts, phishing is still on the rise. A record 9,715 phishing Web sites were spotted in January, according to a report from the Anti-Phishing Working Group.

Top of Page


Google

 
Specials
Your Privacy | Contact Us
The Indian edition of 'ZDNET' is published under license from CNET Networks, San Francisco, CA, USA. Editorial items appearing in 'ZDNET India’ that were originally published in the U.S. Edition of 'ZDNET' are the copyright property of CNET Networks or its suppliers. Copyright © 2007 CNET Networks. All Rights Reserved. 'ZDNET' is a registered trademark of CNET Networks. Jasubhai Interactive Pvt. Ltd. owns the compilation copyright in the Localized Edition and all materials thereon not obtained under license from CNET Networks or other third parties.