Anti-phishing software

Last updated

Anti-phishing software consists of computer programs that attempt to identify phishing content contained in websites, e-mail, or other forms used to accessing data (usually from the internet) [1] and block the content, usually with a warning to the user (and often an option to view the content regardless). It is often integrated with web browsers and email clients as a toolbar that displays the real domain name for the website the viewer is visiting, in an attempt to prevent fraudulent websites from masquerading as other legitimate websites.

Contents

Most popular web browsers comes with built-in anti-phishing and anti-malware protection services, but almost none of the alternate web browsers have such protections. [2]

Password managers can also be used to help defend against phishing, as can some mutual authentication techniques.

Types of anti-phishing software

Email security

According to Gartner, "email security refers collectively to the prediction, prevention, detection and response framework used to provide attack protection and access protection for email." Email security solution may be : Email security spans gateways, email systems, user behavior, content security, and various supporting processes, services and adjacent security architecture. [3]

Security awareness computer-based training

According to Gartner, security awareness training includes one or more of the following capabilities: Ready-to-use training and educational content, Employee testing and knowledge checks, Availability in multiple languages, Phishing and other social engineering attack simulations, Platform and awareness analytics to help measure the efficacy of the awareness program. [4]

Client-based anti-phishing programs

Service-based anti-phishing

Anti-phishing effectiveness

An independent study [12] conducted by Carnegie Mellon University CyLab titled "Phinding Phish: An Evaluation of Anti-Phishing Toolbars" and released November 13, 2006 tested the ability of ten anti-phishing solutions to block or warn about known phishing sites and not block or warn about legitimate sites (not exhibit false-positives), as well as the usability of each solution. Of the solutions tested, Netcraft Toolbar, EarthLink ScamBlocker and SpoofGuard were able to correctly identify over 75% of the sites tested, with Netcraft Toolbar receiving the highest score without incorrectly identifying legitimate sites as phishing. Severe problems were, however, discovered using SpoofGuard, and it incorrectly identified 38% of the tested legitimate sites as phishing, leading to the conclusion that "such inaccuracies might nullify the benefits SpoofGuard offers in identifying phishing sites." Google Safe Browsing (which has since been built into Firefox) and Internet Explorer both performed well, but when testing the ability to detect fresh phishes Netcraft Toolbar scored as high as 96%, while Google Safe Browsing scored as low as 0%. The testing was performed using phishing data obtained from Anti-Phishing Working Group, PhishTank, and an unnamed email filtering vendor.[ citation needed ]

Another study, [13] conducted by SmartWare for Mozilla and released November 14, 2006, concluded that the anti-phishing filter in Firefox was more effective than Internet Explorer by over 10%. The results of this study have been questioned by critics, [14] noting that the testing data was sourced from PhishTank, which itself is an anti-phishing provider. The study only compared Internet Explorer and Firefox, leaving out (among others) Netcraft Toolbar and the Opera browser, both of which use data from PhishTank in their anti-phishing solutions. This has led to speculations that, with the limited testing data, both Opera and Netcraft Toolbar would have got a perfect score had they been part of the study. [15]

While these two reports were released only one day apart, Asa Dotzler, Director of Community Development at Mozilla, has responded to the criticism of the Mozilla-commissioned report by saying, "so you're agreeing that the most recent legitimate data puts Firefox ahead. Good enough for me." [16]

Since these studies were conducted, both Microsoft and Opera Software have started licensing Netcraft's anti-phishing data, bringing the effectiveness of their browser's built-in anti-phishing on par with Netcraft Toolbar.[ citation needed ] [17]

See also

Related Research Articles

<span class="mw-page-title-main">HTTPS</span> Extension of the HTTP communications protocol to support TLS encryption

Hypertext Transfer Protocol Secure (HTTPS) is an extension of the Hypertext Transfer Protocol (HTTP). It uses encryption for secure communication over a computer network, and is widely used on the Internet. In HTTPS, the communication protocol is encrypted using Transport Layer Security (TLS) or, formerly, Secure Sockets Layer (SSL). The protocol is therefore also referred to as HTTP over TLS, or HTTP over SSL.

In cryptography, a certificate authority or certification authority (CA) is an entity that stores, signs, and issues digital certificates. A digital certificate certifies the ownership of a public key by the named subject of the certificate. This allows others to rely upon signatures or on assertions made about the private key that corresponds to the certified public key. A CA acts as a trusted third party—trusted both by the subject (owner) of the certificate and by the party relying upon the certificate. The format of these certificates is specified by the X.509 or EMV standard.

<span class="mw-page-title-main">Phishing</span> Form of social engineering

Phishing is a form of social engineering and a scam where attackers deceive people into revealing sensitive information or installing malware such as viruses, worms, adware, or ransomware. Phishing attacks have become increasingly sophisticated and often transparently mirror the site being targeted, allowing the attacker to observe everything while the victim navigates the site, and transverses any additional security boundaries with the victim. As of 2020, it is the most common type of cybercrime, with the FBI's Internet Crime Complaint Center reporting more incidents of phishing than any other type of computer crime.

Netcraft is an Internet services company based in London, England. The company provides cybercrime disruption services across a range of industries.

<span class="mw-page-title-main">Netscape Browser</span> Internet browser

Netscape Browser is the eighth major release of the Netscape series of web browsers, now all discontinued. It was published by AOL, but developed by Mercurial Communications, and originally released for Windows on May 19, 2005.

Mozilla Firefox has features which distinguish it from other web browsers, such as Google Chrome, Safari, and Microsoft Edge.

Anti-pharming techniques and technology are used to combat pharming.

Browser hijacking is a form of unwanted software that modifies a web browser's settings without a user's permission, to inject unwanted advertising into the user's browser. A browser hijacker may replace the existing home page, error page, or search engine with its own. These are generally used to force hits to a particular website, increasing its advertising revenue.

<span class="mw-page-title-main">Extended Validation Certificate</span> X.509 public key certificate

An Extended Validation Certificate (EV) is a certificate conforming to X.509 that proves the legal entity of the owner and is signed by a certificate authority key that can issue EV certificates. EV certificates can be used in the same manner as any other X.509 certificates, including securing web communications with HTTPS and signing software and documents. Unlike domain-validated certificates and organization-validation certificates, EV certificates can be issued only by a subset of certificate authorities (CAs) and require verification of the requesting entity's legal identity before certificate issuance.

Internet fraud prevention is the act of stopping various types of internet fraud. Due to the many different ways of committing fraud over the Internet, such as stolen credit cards, identity theft, phishing, and chargebacks, users of the Internet, including online merchants, financial institutions and consumers who make online purchases, must make sure to avoid or minimize the risk of falling prey to such scams.

<span class="mw-page-title-main">Kaspersky Internet Security</span> Internet security suite developed by Kaspersky Lab

Kaspersky Internet Security was an internet security suite developed by Kaspersky Lab compatible with Microsoft Windows and Mac OS X. Kaspersky Internet Security offers protection from malware, as well as email spam, phishing and hacking attempts, and data leaks. Kaspersky Lab Diagnostics results are distributed to relevant developers through the MIT License.

<span class="mw-page-title-main">VirusTotal</span> Cybersecurity website owned by Chronicle

VirusTotal is a website created by the Spanish security company Hispasec Sistemas. Launched in June 2004, it was acquired by Google in September 2012. The company's ownership switched in January 2018 to Chronicle, a subsidiary of Google.

<span class="mw-page-title-main">WOT Services</span> Website reputation service

WOT Services is the developer of MyWOT, an online reputation and Internet safety service which shows indicators of trust about existing websites. The confidence level is based both on user ratings and on third-party malware, phishing, scam and spam blacklists. The service also provides crowdsourced reviews, about to what extent websites are trustworthy, and respect user privacy, vendor reliability and child safety.

<span class="mw-page-title-main">Firefox 2</span> 2006 web browser

Mozilla Firefox 2 is a version of Firefox, a web browser released on October 24, 2006 by the Mozilla Corporation.

<span class="mw-page-title-main">Clickjacking</span> Malicious technique of tricking a Web user

Clickjacking is a malicious technique of tricking a user into clicking on something different from what the user perceives, thus potentially revealing confidential information or allowing others to take control of their computer while clicking on seemingly innocuous objects, including web pages.

<span class="mw-page-title-main">Kaspersky Lab</span> Russian multinational cybersecurity and anti-virus provider

Kaspersky Lab is a Russian multinational cybersecurity and anti-virus provider headquartered in Moscow, Russia, and operated by a holding company in the United Kingdom. It was founded in 1997 by Eugene Kaspersky, Natalya Kaspersky and Alexey De-Monderik. Kaspersky Lab develops and sells antivirus, internet security, password management, endpoint security, and other cybersecurity products and services.

Trusteer is a Boston-based computer security division of IBM, responsible for a suite of security software. Founded by Mickey Boodaei and Rakesh K. Loonkar, in Israel in 2006, Trusteer was acquired in September 2013 by IBM for $1 billion.

SmartScreen is a cloud-based anti-phishing and anti-malware component included in several Microsoft products:

<span class="mw-page-title-main">Google Safe Browsing</span> Service that warns about malicious URLs

Google Safe Browsing is a service from Google that warns users when they attempt to navigate to a dangerous website or download dangerous files. Safe Browsing also notifies webmasters when their websites are compromised by malicious actors and helps them diagnose and resolve the problem. This protection works across Google products and is claimed to “power safer browsing experiences across the Internet”. It lists URLs for web resources that contain malware or phishing content. Browsers like Google Chrome, Safari, Firefox, Vivaldi, Brave, and GNOME Web use these lists from Google Safe Browsing to check pages against potential threats. Google also provides a public API for the service.

MailSite is a commercial mail server, calendar software, contact manager, and collaborative software that was developed by Rockliffe Systems. It was one of the first mail servers to run on Windows NT using Internet standards when version 1.2 was released in 1996 and is currently still in development. It also includes an Exchange ActiveSync (EAS) server for synchronizing mail, calendar and contacts with mobile devices. MailSite also works with Internet Standards-based mail clients such as Mozilla Thunderbird.

References

  1. Chanti, S.; Chithralekha, T. (2020-01-01). "Classification of Anti-phishing Solutions". SN Computer Science. 1 (1): 11. doi: 10.1007/s42979-019-0011-2 . ISSN   2662-995X.
  2. Aleksandersen, Daniel (16 August 2016). "Most of the alternate web browsers don't have fraud and malware protection". Slight Future. Retrieved 25 August 2016.
  3. Gartner Inc. "Best Email Security Reviews 2023 | Gartner Peer Insights". Gartner. Retrieved 2023-07-18.
  4. Gartner Inc. "Best Security Awareness Training Software Reviews 2023 | Gartner Peer Insights". Gartner. Retrieved 2023-07-18.
  5. "EarthLink ScamBlocker". EarthLink. 2006-09-01.
  6. "eBay Toolbar". eBay. 2007-03-15.
  7. Egress Defend
  8. "GeoTrust TrustWatch". GeoTrust. 2010-11-02.
  9. "Kaspersky Internet Security". Kaspersky. 2021-01-15.
  10. "Kaspersky Anti-Virus". Kaspersky. 2021-01-15.
  11. "McAfee SiteAdvisor". McAfee. 2022-05-20.
  12. "Phinding Phish: An Evaluation of Anti-Phishing Toolbars" (PDF). Archived from the original (PDF) on 2010-06-10. Retrieved 2008-05-25.
  13. "Firefox 2 Phishing Protection Effectiveness Testing" . Retrieved 2008-05-25.
  14. "Comment to Asa Dotzler blog post "safari unsafe? paypal thinks so."". Archived from the original on 5 May 2008. Retrieved 2008-05-25.
  15. "Comment to Asa Dotzler blog post "safari unsafe? paypal thinks so."". Archived from the original on 5 May 2008. Retrieved 2008-05-25.
  16. "Comment to Asa Dotzler blog post "safari unsafe? paypal thinks so."". Archived from the original on 5 May 2008. Retrieved 2008-05-25.
  17. Khan, Khalid (March 21, 2024). "Comparison of Anti Phishing Tools" (PDF). kth.diva-portal.org. Retrieved August 11, 2024.
  18. Schneier, Bruce. "Kingdom Authentication". CSO Magazine. Feb 2006: 52.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.