Welcome!

Containers Expo Blog Authors: Liz McMillan, Pat Romanski, Yeshim Deniz, Elizabeth White, Zakia Bouachraoui

Related Topics: Containers Expo Blog, Java IoT, Industrial IoT, Microservices Expo, Microsoft Cloud, Linux Containers

Containers Expo Blog: Article

Fed Up With Phishing? Anti-Phishing Toolbar Launched

Fed Up With Phishing? Anti-Phishing Toolbar Launched

A new weapon against phishing has just been launched: The Netcraft Toolbar.

It happily coexists with Google and other toolbars, says UK company Netcraft, and uses Netcraft's enormous databases of Web site information to show users all the attributes of each site they visit on the Web, including the site's hosting location, country, longevity and popularity.

It also mobilizes the Netcraft community into a giant "neighbourhood watch" scheme to empower the most alert and experienced members to protect the vulnerable against fraud and phishing attacks.

Toolbar features, says Netcraft, include:

  • Clear display of sites' hosting location at all times helps you validate fraudulent urls (e.g. the main online banking site of a large US bank is unlikely to be hosted in the former Soviet Union).
  • Once you report a phishing URL, it is blocked for other community members subsequently accessing it. The leverage of widely disseminated attacks (people constructing phishing attacks send literally millions of electronic mails in the expectation that some will reach customers of the bank) is utilized to expedite blocking of the fraud site.
  • Natively traps cross site scripting and other suspicious urls containing characters which have no common purpose other than to deceive.
  • Netcraft supervisor validation is used to contain the impact of any false reporting of urls.
  • Display of browser navigational controls (toolbar and address bar) in all windows, to defend against pop up windows which attempt to hide the navigational controls to disguise location.

    It runs on Internet Explorer on Windows 2000/XP or later. Anyone downloading it is welcome to use the feedback form below to report to other readers how well they think it works.

  • More Stories By Security News Desk

    SYS-CON's Security News desk trawls the world of security for news of software, hardware, products, and services that seems likely to be of interest to infosec professionals and summarizes them for easy assimilation by busy IT managers and staff.

    Comments (7) View Comments

    Share your thoughts on this story.

    Add your comment
    You must be signed in to add a comment. Sign-in | Register

    In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


    Most Recent Comments
    update 12/30/04 02:23:09 PM EST

    Currently the toolbar is only available for IE but a Firefox version *is* under development.

    gujo-odori 12/30/04 08:43:25 AM EST

    Usually, phishing also involves cracking a server somewhere. I'm in the email security business, so I feel almost as close as family to hundreds of wealthy but desperate Nigerians (who don't get to deliver much mail on the networks I protect) and loads of phishers (who don't get to deliver much more mail than the Nigerians).

    In almost all cases, the link in the phishing mail leads to a compromised host. Phishers (most of them, anyway) aren't dumb enough to put the phishing site on a host that's actually theirs. Usually, it's all too obvious that the rightful admin of the host in question is utterly clueless that he/she has been owned.

    The solution is simple 12/30/04 08:36:19 AM EST

    Just say no to HTML email. people!

    That will stop 'standard' HTML phishers cold!

    It may 'eliminate' phishing as there is no HTML to hide the bogus URL behind the onscreen 'good' one.

    G4from128k 12/30/04 08:26:46 AM EST

    The rise of phishing just shows how broken the current internet and e-mail system is. In a age in which worms and scammers can gather address books, fake headers, copy websites of legitimate businesses, hijack browsers, create zombies, and log keystrokes, no e-mail (or even web page) can be presumed to be legitimate no matter who it comes from or how you got it.

    This problem saddens me greatly because it ruins the promise of global communications. Rather than a utopian information paradise for everyone, we seem to allowing the creation of a back alley in which few dare to tread.

    If e-mail and the internet are ever to become truly useful, they must become simply trustworthy (as in simple to trust). Consumers (i.e. non-geeks) must be able to trust incoming emails or email is useless. Consumers must be able to trust webpages and their computers or these tools become useless.

    SoerenT 12/30/04 08:22:16 AM EST

    Here in Denmark, I have yet to see a bank that sends out email at all.

    I am doing online banking with the two biggest banks "Nordea" and "Danske Bank", and none of them send out email. They only communicate electronically with the costumer through the online bank, so you need to log in to your home banking system to communicate with the bank.

    If this was the case on a global scale and people were aware of it, these scam mails might be a smaller problem.

    erice 12/30/04 08:19:24 AM EST

    I received a very well done paypal phish recently. It was sent to my paypal email address (different from my ebay address and never used for anything else).

    There was a link that claimed to go to:

    https://scgi.ebay.com/saw-cgi/eBayISAPI.dll?Regist erEnterInfo

    But mousing over revealed that it actually went to:

    http://signin.ebay.com-ogi-bin.tk/_eBaydll.php

    Note the com-ogi-bin.tk rather than com/cgi-bin

    IE...euugh 12/30/04 08:12:03 AM EST

    >>>>>It runs on Internet Explorer on Windows 2000/XP or later<<<<

    Ironic that it runs on the one browser that no one wants to use any more. C'mon Netcraft, let's see this for firefox, a.s.a.p. please

    IoT & Smart Cities Stories
    The deluge of IoT sensor data collected from connected devices and the powerful AI required to make that data actionable are giving rise to a hybrid ecosystem in which cloud, on-prem and edge processes become interweaved. Attendees will learn how emerging composable infrastructure solutions deliver the adaptive architecture needed to manage this new data reality. Machine learning algorithms can better anticipate data storms and automate resources to support surges, including fully scalable GPU-c...
    Machine learning has taken residence at our cities' cores and now we can finally have "smart cities." Cities are a collection of buildings made to provide the structure and safety necessary for people to function, create and survive. Buildings are a pool of ever-changing performance data from large automated systems such as heating and cooling to the people that live and work within them. Through machine learning, buildings can optimize performance, reduce costs, and improve occupant comfort by ...
    The explosion of new web/cloud/IoT-based applications and the data they generate are transforming our world right before our eyes. In this rush to adopt these new technologies, organizations are often ignoring fundamental questions concerning who owns the data and failing to ask for permission to conduct invasive surveillance of their customers. Organizations that are not transparent about how their systems gather data telemetry without offering shared data ownership risk product rejection, regu...
    René Bostic is the Technical VP of the IBM Cloud Unit in North America. Enjoying her career with IBM during the modern millennial technological era, she is an expert in cloud computing, DevOps and emerging cloud technologies such as Blockchain. Her strengths and core competencies include a proven record of accomplishments in consensus building at all levels to assess, plan, and implement enterprise and cloud computing solutions. René is a member of the Society of Women Engineers (SWE) and a m...
    Poor data quality and analytics drive down business value. In fact, Gartner estimated that the average financial impact of poor data quality on organizations is $9.7 million per year. But bad data is much more than a cost center. By eroding trust in information, analytics and the business decisions based on these, it is a serious impediment to digital transformation.
    Digital Transformation: Preparing Cloud & IoT Security for the Age of Artificial Intelligence. As automation and artificial intelligence (AI) power solution development and delivery, many businesses need to build backend cloud capabilities. Well-poised organizations, marketing smart devices with AI and BlockChain capabilities prepare to refine compliance and regulatory capabilities in 2018. Volumes of health, financial, technical and privacy data, along with tightening compliance requirements by...
    Predicting the future has never been more challenging - not because of the lack of data but because of the flood of ungoverned and risk laden information. Microsoft states that 2.5 exabytes of data are created every day. Expectations and reliance on data are being pushed to the limits, as demands around hybrid options continue to grow.
    Digital Transformation and Disruption, Amazon Style - What You Can Learn. Chris Kocher is a co-founder of Grey Heron, a management and strategic marketing consulting firm. He has 25+ years in both strategic and hands-on operating experience helping executives and investors build revenues and shareholder value. He has consulted with over 130 companies on innovating with new business models, product strategies and monetization. Chris has held management positions at HP and Symantec in addition to ...
    Enterprises have taken advantage of IoT to achieve important revenue and cost advantages. What is less apparent is how incumbent enterprises operating at scale have, following success with IoT, built analytic, operations management and software development capabilities - ranging from autonomous vehicles to manageable robotics installations. They have embraced these capabilities as if they were Silicon Valley startups.
    As IoT continues to increase momentum, so does the associated risk. Secure Device Lifecycle Management (DLM) is ranked as one of the most important technology areas of IoT. Driving this trend is the realization that secure support for IoT devices provides companies the ability to deliver high-quality, reliable, secure offerings faster, create new revenue streams, and reduce support costs, all while building a competitive advantage in their markets. In this session, we will use customer use cases...