| View previous topic :: View next topic |
| Author |
Message |
Oldfrog
Special Response Team
Joined: Jun 27, 2004
Posts: 8576
Location: Deep in the Heart of Texas
|
|
| Back to top |
|
 |
pdf41
Cadet
Joined: Dec 16, 2004
Posts: 7
Location: USA
|
 Posted: Mon Feb 28, 2005 2:29 am Post subject: |
|
|
Hello , just got to this page . Looks like a bit of info.
Thanks again ,
pdf41
|
|
| Back to top |
|
|
quietman7
1st Responder Mentor
1st Responder Mentor
Joined: Sep 30, 2004
Posts: 3566
Location: Virginia, USA
|
| Posted: Mon Feb 28, 2005 2:06 pm Post subject: |
|
|
Oldfrog are your pending a review of Phishguard?
http://www.phishguard.com/
"PhishGuard is a FREE service that detects and rapidly disables Internet "phishing" or "spoofing" attacks designed to steal critical financial data."
It runs as a startup program instead of a toolbar.
|
|
| Back to top |
|
|
Oldfrog
Special Response Team
Joined: Jun 27, 2004
Posts: 8576
Location: Deep in the Heart of Texas
|
| Posted: Mon Feb 28, 2005 2:21 pm Post subject: |
|
|
Thanks for the tip, quietman7. We will have to check that out as well.
_________________
 MS MVP Security 2006-2008
|
|
| Back to top |
|
|
JJKebab
Cadet
Joined: Mar 06, 2005
Posts: 3
Location: UK
|
| Posted: Sun Mar 06, 2005 11:37 am Post subject: |
|
|
Have you tried http://www.site-safe.org
It sits in the system tray and works with multiple browsers (including FireFox!!!)
|
|
| Back to top |
|
|
quietman7
1st Responder Mentor
1st Responder Mentor
Joined: Sep 30, 2004
Posts: 3566
Location: Virginia, USA
|
| Posted: Sun Mar 06, 2005 12:39 pm Post subject: |
|
|
At least they are up front about what they do!
| Quote: | PRIVACY NOTICE: We collect anonymous usage information to help improve our service. Each sitesafe application installation creates a unique ID which is used to prevent abuse of the feedback facility. It is NOT used to identify a user or collect sensitive data such as email addresses, credit card details, personal information or surfing habits. We respect users' privacy.
|
| Quote: | The sitesafe application works by checking the web pages you visit in your browser against our constantly updated database of registered websites and displays information valuable to your purchasing decision.
|
Does this mean they are building their master database only on good sites that register with them instead of reported bad ones? Wonder how many have signed up so far.
|
|
| Back to top |
|
|
Oldfrog
Special Response Team
Joined: Jun 27, 2004
Posts: 8576
Location: Deep in the Heart of Texas
|
| Posted: Sun Mar 06, 2005 1:17 pm Post subject: |
|
|
| Quote: | | displays information valuable to your purchasing decision. |
That makes me very wary. It goes without saying that any of the products that use any type of database will be "phoning home" to do their lookups. Still I don't like their reference to "purchasing decision".
_________________
MS MVP Security 2006-2008
|
|
| Back to top |
|
|
JJKebab
Cadet
Joined: Mar 06, 2005
Posts: 3
Location: UK
|
| Posted: Sun Mar 06, 2005 1:21 pm Post subject: |
|
|
It does more than one thing:
1. It shows information about legitimate websites.
2. It identifies fraudulent websites.
It allows users to report fraudulent websites such as scam banks and phishing schemes, as well as post positive and negative feedback on legitimate retailers on line.
It has a "downloads to date" on the homepage.
Oldfrog: How would you keep an anti-phishing app up to date without consulting a central database?
|
|
| Back to top |
|
|
Oldfrog
Special Response Team
Joined: Jun 27, 2004
Posts: 8576
Location: Deep in the Heart of Texas
|
| Posted: Sun Mar 06, 2005 1:40 pm Post subject: |
|
|
| Quote: | | How would you keep an anti-phishing app up to date without consulting a central database? |
Oh, you couldn't. And, as I mentioned in my earlier post, some apps seem to be checking each URL entered or clicked against their own online database in real time.
What I find suspicious in this particular case is the language used. If they had used the phrase "valuable to your online security" instead of "valuable to your purchasing decision" I would have had no problem with it. I also used the terms "wary" and "suspicious" to indicate that I was not sure rather than rejecting it outright. I had similar suspicions about the language used in the EULA of one of the toolbars tested and the company responded to my concern and alleviated my fears. This might very well turn out the same but does need more looking into.
_________________
MS MVP Security 2006-2008
|
|
| Back to top |
|
|
quietman7
1st Responder Mentor
1st Responder Mentor
Joined: Sep 30, 2004
Posts: 3566
Location: Virginia, USA
|
| Posted: Sun Mar 06, 2005 1:50 pm Post subject: |
|
|
| Quote: | | The sitesafe application works by checking the web pages you visit in your browser against our constantly updated database of registered websites |
And I would also be weary of their database collection methodology. As I questioned above, are they only relying on "good" websites to register and then depending solely on them as a master database? It appears so by thier ad. And then does this mean "bad" sites and all those unregistered are lumped together as not in their database? As such will their service identify them all as "bad" simply for lack of registering?
|
|
| Back to top |
|
|
JJKebab
Cadet
Joined: Mar 06, 2005
Posts: 3
Location: UK
|
| Posted: Sun Mar 06, 2005 2:07 pm Post subject: |
|
|
They are not just relying on a database of "good" sites. They also have a database of "bad" websites, so bad and not registered are not bundled in together.
As far as their language is concerned, they are targeting two markets with one application: people purchasing from known "good" websites, and people wanting to avoid "bad" websites.
It is therfore not just an anti-phishing tool, but an all round purchasing-online-security application.
You may email them if you wish. I think they do have a direct email on their website.
|
|
| Back to top |
|
|
quietman7
1st Responder Mentor
1st Responder Mentor
Joined: Sep 30, 2004
Posts: 3566
Location: Virginia, USA
|
| Posted: Mon Apr 11, 2005 4:53 pm Post subject: |
|
|
Oldfrog, I finally received this reply from the folks at Phishguard after requesting more info about their program and methodology.
| Quote: | Hi. We'll put some information together for you later today. Thanks.
--Steve |
I will keep you posted on what they send me.
|
|
| Back to top |
|
|
Oldfrog
Special Response Team
Joined: Jun 27, 2004
Posts: 8576
Location: Deep in the Heart of Texas
|
| Posted: Mon Apr 11, 2005 5:20 pm Post subject: |
|
|
Thanks, QM.
Edit: It will take some experience with the app prior to a review but at least I have it installed, working, and added to the initial post in this topic.
|
|
| Back to top |
|
|
quietman7
1st Responder Mentor
1st Responder Mentor
Joined: Sep 30, 2004
Posts: 3566
Location: Virginia, USA
|
| Posted: Wed Apr 13, 2005 8:36 am Post subject: |
|
|
Here is the info sent from Steve at Phishguard:
| Quote: | PHISHGUARD OVERVIEW
- PhishGuard was launched in September 2004 and is available through many popular download sites.
- PhishGuard is a free service targeting the key chokepoint (URL navigation via Microsoft Internet Explorer browser) to intercept email and
webpage-based phishing/spoofing attacks.
- PhishGuard is a real-time system, with minimal delays between the
discovery of a new scam and the point that subscribers are immunized.
- PhishGuard utilizes an enterprise-class distributed database-driven server architecture that is highly flexible and scalable.
- Co-founders have over fifty years combined experience in development of secure, scalable, high volume database, Internet, and financial ystems.
PHISHGUARD FEATURES
- Windows 98/NT/Me/2000/XP application.
- Desktop client-server architecture. Desktop software consists of multiple
very lightweight clients (one per browser) communicating with one local
server component.
- Zero browsing impact. Threat evaluation does not delay web page loading, or otherwise change end-user perception of browser operation.
- Real-time phishing database updates. Desktop software polls the servers
for incremental changes to the phishing database.
- Phishing attack alert window. Attempts to access or submit data to a known phishing site results in a highly visible warning window. An optional
warning sound is also supported.
- Support for Internet Explorer version 4 or greater.
- Support for additional browsers. Mozilla/Firefox in process; others
planned.
- Automatic software updates. Minimum time from new software releases until widespread use. Zero end-user effort required to stay current. Application is self-healing for missing/corrupt components.
- User submissions of emails. Submission of entire phishing emails from
Outlook 97 through Outlook 2003 and Outlook Express encourages end-users to make submissions without requiring that they visit the phishing site.
- User submissions of URLs. More sophisticated end-users can submit specific URLs for potential inclusion in the phishing database.
- Submission status with scam-specific information. End-users can view the disposition (evaluation by the PhishGuard security team) of previously
submitted emails or URLs.
- End-user registration. Minimal information required to install and run
PhishGuard, and receive phishing database and software updates.
PHISHGUARD SERVERS/INFRASTRUCTURE
- Geographically distributed servers. Diverse network paths between
end-users and core PhishGuard servers ensure high availability.
- Multiple "honey pot" scam sources. Email accounts that have been "seeded" and "incubated" to increase the number of phishing scams received.
- End-user submission network. A growing population of end-users decreases the latency between the introduction of new phishing scams and their detection.
- Security Team. Security analysts are alerted to submitted threats and
rapidly classify sites/URLs. Submitted URLs (or those from "honey pot"
sources) that are determined to be phishing scams are marked for immediate distribution to polling desktop applications.
If you have any further questions, just let us know.
--Steve
|
I gave Steve the link to our forum and invited him to make additional comments.
|
|
| Back to top |
|
|
Ikeb
Special Response Team
Forums Admin
Joined: Apr 20, 2003
Posts: 16515
|
| Posted: Wed Apr 13, 2005 4:12 pm Post subject: |
|
|
Looks good Steve! So when is a FireFox version going to be available?
|
|
| Back to top |
|
|
|
|
Forum FAQ
Search
Usergroups
Profile
Login to check your private messages
Login
