Netcraft Debuts Anti-Phishing Toolbar For IE

Grok Headline matches for Netcraft Debuts Anti-Phishing Toolbar For IE

Netcraft: Netcraft Anti-Phishing Toolbar
Available for Download

Netcraft: Netcraft Anti-Phishing Toolbar
Available for Download 12/31/2004 12:43 PM
Netcraft: Netcraft Anti-Phishing Toolbar Available for Download

news.netcraft.com/archives/2004/12/28/netcraft_antiphishing _toolbar_available_for_download.html
track this site | 3 links

Netcraft Releases Anti-Phishing Toolbar

Netcraft Releases Anti-Phishing Toolbar 12/30/2004 11:36 AM

Netcraft launches free anti-phishing
toolbar

Netcraft launches free anti-phishing
toolbar 01/04/2005 06:46 AM
Computer Weekly Jan 4 2005 11:16AM GMT

Netcraft Toolbar Targets Phishing Sites

Netcraft Toolbar Targets Phishing Sites 01/05/2005 11:12 AM
Catch a phish, win a coffee mug with the organization's new anti-phishing toolbar for Internet Explorer.

New Netcraft Toolbar Blocks Phishing,
Analyzes Web Sites

New Netcraft Toolbar Blocks Phishing,
Analyzes Web Sites 12/30/2004 04:52 PM
eWeek Dec 30 2004 8:05PM GMT

Review: New Netcraft Toolbar Blocks
Phishing, Analyzes Web Sites

Review: New Netcraft Toolbar Blocks
Phishing, Analyzes Web Sites 01/02/2005 12:41 AM
eWeek Jan 2 2005 3:13AM GMT

Anti-Phishing Toolbar Available. How to
Avoid Bank and Ebay Phishing Scams

Anti-Phishing Toolbar Available. How to
Avoid Bank and Ebay Phishing Scams 12/30/2004 07:54 PM
Tech-Recipes Dec 30 2004 11:09PM GMT

Netcraft Unveils Anti-Phishing Services

Netcraft Unveils Anti-Phishing Services 01/05/2005 04:44 PM
theWHIR Jan 5 2005 8:12PM GMT

NetCraft Launching Anti-Phishing Service

NetCraft Launching Anti-Phishing Service 01/07/2004 06:39 PM
"Phishing" scams, where a scammer sends a fake email pretending to be from a legitimate site and tries to get people go to a real-looking site and give away all their personal details and/or passwords, are becoming increasingly popular. However, as scams grow, so do the scam fighters. NetCraft, known for monitoring what systems are used to host websites, is going to launch a phishing detection service. Since they already keep track of registered domain names, and crawls sites, recording their home page. The service will specifically look for domain names that are similar to the names of companies that sign up for the service - while also comparing actual websites to try to catch phishing sites before they have a chance to scam people. Sounds like a useful service.

Netcraft crafts anti-phishing service

Netcraft crafts anti-phishing service 01/06/2004 06:53 AM
Early warning

Netcraft toolbar filters Google

Netcraft toolbar filters Google 12/30/2004 04:55 PM
p2pnet.net Dec 30 2004 7:11PM GMT

Ask Jeeves Debuts Toolbar

Ask Jeeves Debuts Toolbar 08/05/2002 10:45 PM
AskJeeves introduces new toolbar.

Yahoo! Toolbar Now With Anti-Spyware

Yahoo! Toolbar Now With Anti-Spyware 05/27/2004 10:42 AM
The previously mentioned secret alpha test was for the just announced upgrade to the Yahoo! Toolbar which now contains anti-spyware code. I have to say, this one of those ideas that was immediately obvious upon hearing it. "Of *course* we should use the Toolbar as a way to help poor Windows users get all that crap off their machines." But at the same time it's amazing how many folks never came up with it on their own, me included. Congrats...

Secure Resolutions Upgrades Their
Anti-Virus Engine to Include
Anti-Spyware, Anti-Adware, Anti-Dialers,
Anti-Hoaxes, Anti-Jokes, and
Anti-Hacking Tools

Secure Resolutions Upgrades Their
Anti-Virus Engine to Include
Anti-Spyware, Anti-Adware, Anti-Dialers,
Anti-Hoaxes, Anti-Jokes, and
Anti-Hacking Tools 06/05/2005 11:14 PM
Secure Resolutions desktop security (Resolution Antivirus™) automatically detects and eliminates all types of viruses, worms, Trojans Horses, dialers, hoaxes, jokes, and hacking tools within a managed desktop security solution. [PRWEB Jun 2, 2005]

Anti-Phishing Tools

Anti-Phishing Tools 08/17/2004 11:26 AM

Yahoo Adds Anti-Spyware to Toolbar

Yahoo Adds Anti-Spyware to Toolbar 05/28/2004 07:58 AM
Linux Insider May 28 2004 12:36PM GMT

Yahoo adding anti-spyware to its toolbar

Yahoo adding anti-spyware to its toolbar 05/28/2004 12:39 PM
Washington Times May 28 2004 4:48PM GMT

Yahoo toolbar with free anti-spy
software

Yahoo toolbar with free anti-spy
software 05/28/2004 07:50 PM
The Hindu May 29 2004 0:32AM GMT

Yahoo's Anti-Spy toolbar feature buggy

Yahoo's Anti-Spy toolbar feature buggy 08/06/2004 10:01 PM
Web portal admits error in newly released product billed as protection against invasive online marketers.

Yahoo Adds Anti-Spyware To Firefox
Toolbar

Yahoo Adds Anti-Spyware To Firefox
Toolbar 04/07/2005 05:53 PM
Lockergnome Apr 7 2005 9:17PM GMT

Yahoo Adds Anti-Spyware to Browser
Toolbar

Yahoo Adds Anti-Spyware to Browser
Toolbar 05/28/2004 09:39 AM
Yahoo has announced it will add a feature to its Web browser toolbar that allows users to easily remove spyware programs from their computers. Called Anti-Spy, the feature is currently in beta. Yahoo will be collecting feedback from beta users and intends to utilize that information to produce the final version of Anti-Spy. The current beta version is supported by third-party software from PestPatrol and is available for download to a limited audience at beta.toolbar.yahoo.com.

Other News: Anti-Phishing Group

Other News: Anti-Phishing Group 04/22/2004 09:19 AM
The Anti-Phishing Working Group aims to help combat this rampant scam strategy.

Other News: Anti-Phishing Tech

Other News: Anti-Phishing Tech 08/17/2004 11:27 AM
Companies are starting to market anti-phishing software, which looks for suspicious URLs.

Anti-phishing group gets help from
Microsoft

Anti-phishing group gets help from
Microsoft 07/21/2004 11:28 AM
The software giant offers goods in kind to organization that investigates Internet crime.

Yahoo Adds Anti-Spyware Feature to
Browser Toolbar

Yahoo Adds Anti-Spyware Feature to
Browser Toolbar 05/27/2004 10:35 AM

Microsoft to fund anti-phishing group

Microsoft to fund anti-phishing group 07/22/2004 06:09 AM
ZDNet UK Jul 22 2004 10:31AM GMT

Symantec Rolls Out Anti-Phishing Service

Symantec Rolls Out Anti-Phishing Service 09/13/2004 02:30 PM
The company unveils a new offering intended to help financial institutions fight phishing attacks and online fraud.

Bush to sign anti-phishing bill

Bush to sign anti-phishing bill 07/15/2004 08:29 AM
Mandatory minumum sentences for ID theft

Anti-Phishing Working Group Meeting

Anti-Phishing Working Group Meeting 04/09/2004 05:30 PM

I was out all day yesterday to attend the Anti-Phishing Working Group meeting at Wells Fargo World HQ in San Francisco.  About one hundred people from wide assortment of backgrounds were there, some from law enforcement agencies like the Secret Service and FBI, lawyers, prosecutors, financial services, e-tailers, solutions vendors, and security experts.  APWG did an impressive job of pulling them altogether to focus on the phishing epidemic which continues to grow.

While everyone wanted to pool resources to combat phishing, I sensed a common desire to protect details about ongoing APWG activities from the public for various reasons.  Since I am not sure what APWG's policy is about blogging, I will limit this post to my thoughts and observations.

Toolbars

Warm receptions received by Account Guard feature of eBay Toolbar and Dan Boneh's SpoofGuard means more toolbars in the near future.  I predict we'll see about ten security-related toolbars released before this year is over.  Since highly integrated client-side software like browser toolbars are one of my specialties, all this is good news for me but I couldn't help worrying about the oncoming glut of toolbars, sidebars, and deskbars causing confusion among users.

Microsoft

Microsoft needs to do more to combat phishing.  Actually, they need to do 'less' by disabling or limiting use of hyperlinks and javascript in Outlook and Hotmail.  Since phishing is causing real financial damages to companies and individuals, Microsoft created an arguably very large liability exposure by introducing DHTML e-mail in Outlook.

My opinion is that hyperlinks in e-mail contents should require the user to approve each navigation after viewing a dialog that clearly indicate the link destination.  This constraint can be eased depending on the age of the hyperlinks because destination phishing websites are more likely to be takendown or abandoned over time.  I also think javascript should be disabled completely in e-mail contents to protect against new breed of javascript obfuscated webpages.

Hunters vs. Butchers

Law enforcement agencies are IMHO still in the hunter mode, meaning hackers they find and prosecute are more or less trophies for assuring the public.  Seen as services, they are open to denial of service attacks by organized hackers arming script-kiddies to overload or slowdown cybercops.  They need to think about ways to shift-gear from hunter to butchers mode now, if not just against phishers, then for homeland security.

Takedown.com

Most difficult part of fighting against phishing is taking down phishing websites.  Differences and confusino in law and legal jurisdictions, cross-language communication issues, availability, authority verification problems, and other issues make taking down a fraud site a skill or an art of social networking, ingenuity, and patience which most companies do not have.

Solutions suggested so far like contacts and standards are useless IMHO.  A more effective solution is to encourage entrepreneurs to startup federated or franchised businesses to offer takedown services around globe and around the clock with the local touch.  Having middlemen like them solves most of the issues mentioned above.

Spoofback

Considering the difficulty with takedown, another options is to 'spoof back' by posting phony information to the phishing websites in order to spoil the goods by diluting it with bad info.  Instead of receiving 3,000 good responses, phishers will receive 300,000 responses most of which will be bad.  Another variation is to post user info leading to honeypots in order to phish the phishers.  I am not sure about the legal issues, but hackback risk is no worse than the takedown IMHO.

APWG Future Threat Models SIG

I have volunteered to participate in the Future Threat Models SIG at APWG because I am both highly creative and insanely paranoid which means I can see blindspots where none exists.  :-)  I probably won't be posting about the activities there but I will post my thoughts and publicize imminent threats like the XSS Network threat I posted about before.

Will A Reactive Anti-Phishing System
Work?

Will A Reactive Anti-Phishing System
Work? 09/14/2004 05:25 AM
Realizing that phishing scams are a big deal these days, Symantec is now launching their own anti-phishing system to help combat the problem. Of course, since phishing relies more on social engineering to trick people into revealing their bank account, credit card and/or other private info, it's hard to see how a company could launch an effective anti-phishing service. Symantec's works the same way many early anti-spam systems worked: by creating a bunch of fake accounts, monitoring the results and using them to build a database of phishing sites to block. It certainly could help, but it might depend on how quickly it works. Unlike the situation with spam, where it's not quite as awful if a few messages get through, a phishing site that still gets a bunch of victims is certainly problematic for those people. While it's unclear if there's any better solution, a reactive solution to phishing may just be too little too late.

Microsoft helps anti-phishing group

Microsoft helps anti-phishing group 07/21/2004 08:10 PM
globetechnology.com Jul 22 2004 0:42AM GMT

Anti-Phishing Working Group (APWG)

Anti-Phishing Working Group (APWG) 02/12/2004 08:41 AM
Anti-Phishing Working Group (APWG)
http://www.antiphishing.org

The Anti-Phishing Working Group (APWG)is an industry association focused on eliminating the identity theft and fraud that result from the growing problem of phishing and email spoofing. The organization provides a forum to discuss phishing issues, define the scope of the phishing problem in terms of hard and soft costs, and share information and best practices for eliminating the problem. Where appropriate, the APWG will also look to share this information with law enforcement.

Membership is open to qualified financial institutions, online retailers, ISPs, the law enforcement community, and solutions providers. Note that because phishing attacks and email fraud are sensitive subjects for many organizations that do business online, the APWG has a policy of maintaining the confidentiality of member organizations.

It serves as a public and industry resource for information about the problem of phishing and email fraud, including identification and promotion of pragmatic technical solutions that can provide immediate protection and benefits against phishing attacks. The analysis, forensics, and archival of phishing attacks to the Web site are currently powered by Tumbleweed Communications' Message Protection Lab.

Thunderbird in line for anti-phishing
safeguards

Thunderbird in line for anti-phishing
safeguards 02/01/2005 08:53 PM
A group of developers working on Thunderbird have come up with a new anti-phishing feature. Can improved security safeguards aid in Thunderbird adoption at the expense of other clients?

Microsoft launches 117 anti-phishing
suits

Microsoft launches 117 anti-phishing
suits 03/31/2005 11:25 PM
CNET Asia Apr 1 2005 3:39AM GMT

Other News: Anti-Phishing Working Group

Other News: Anti-Phishing Working Group 12/31/2004 05:03 AM
The Anti-Phishing Working Group provides lists of recent phishing attacks and advice on how to defend against them.

Yahoo Adds Anti-Spyware Feature to
Browser Toolbar (Reuters)

Yahoo Adds Anti-Spyware Feature to
Browser Toolbar (Reuters) 05/27/2004 12:07 AM
Reuters - Internet media company Yahoo Inc. (YHOO.O) unveiled a feature on Wednesday for its Web browser toolbar aimed at making it easier for users to remove unwanted "spyware" programs that snoop on Web surfing habits and other activities.

Yahoo Search Toolbar Offers Beta
Anti-Spyware Protection

Yahoo Search Toolbar Offers Beta
Anti-Spyware Protection 05/31/2004 06:41 PM
BeSpacific May 31 2004 10:18PM GMT

Anti-phishing software detects
fraudulent lures

Anti-phishing software detects
fraudulent lures 08/17/2004 07:36 AM

Anti-Phishing Bill Introduced Just To
Make It Even More Illegal

Anti-Phishing Bill Introduced Just To
Make It Even More Illegal 07/13/2004 03:47 AM
Maybe I missed the note, but I was under the impression that "phishing" (tricking people into filling out their personal info into a site they believe is a financial site like Paypal or their bank, but which is really the scammer's own site) was already pretty damn illegal. After all, it is tricking someone into revealing their bank account info, which will then most likely be used to steal money from them. However, just for good measure, a new anti-phishing bill has been introduced in the Senate, making sure it's even more illegal. The argument for doing this is that it's currently difficult to prosecute those scammers involved with phishing, but it's not entirely clear why. It seems like setting up a website to defraud people out of their bank account or credit card info should be an open and shut case of fraud.
Grok Description matches for Netcraft Debuts Anti-Phishing Toolbar For IE
GrokA matches for Netcraft Debuts Anti-Phishing Toolbar For IE

Netcraft Debuts Anti-Phishing Toolbar For IE

The following phrases have been identified by the grok system as matching this entry: