A phishing email directs the user to visit a website where they are asked to update personal
information, such as a password or credit card, social security, or bank account numbers, that
the legitimate organization already has. The website, however, is bogus and set up only to
steal the information the user enters on the page.
Purpose of Phishing:
Impacts of Phishing
Anti-phishing toolbars
Some plug-ins and toolbars that can be integrated into web browsers provide protection
against phishing attacks.
The toolbars can use visual signs to indicate when we reach a phishing website. We can
also report phishing websites through toolbar options. These toolbars and plug-ins function
by referencing a database of known FQDNs and IP addresses that have been reported as
phishing sites. Some of them also check certain heuristics (for example, whether the server IP
belongs to a different country than the user) that usually indicate whether a site is
legitimate or not.
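How the database lookup and the country heuristic described above could fit together, as an added example that is not taken from any of the toolbars named on this page. The blocklist entries, the IP-to-country table and all function names are constructed for illustration.

```javascript
// Constructed sample data (hypothetical): a real toolbar syncs these from a reporting service.
const BLOCKED_FQDNS = new Set(["login-update.example", "secure.bank-verify.example"]);
const BLOCKED_IPS = new Set(["203.0.113.7"]);
// Hypothetical stand-in for a GeoIP lookup: server IP -> country code.
const IP_COUNTRY = { "203.0.113.7": "ZZ", "198.51.100.20": "US", "192.0.2.55": "ZZ" };

// Normalise the host the browser will actually contact.
function hostOf(rawUrl) {
  const u = new URL(rawUrl);                       // throws on malformed input
  if (u.protocol !== "http:" && u.protocol !== "https:") return null;
  // URL() lowercases the host and separates userinfo, so
  // "http://bank.example@login-update.example/" yields "login-update.example".
  return u.hostname.replace(/\.$/, "");            // strip the trailing root dot
}

// Check the host and every parent domain, so "a.b.login-update.example" still matches.
function matchesBlockedFqdn(host) {
  const labels = host.split(".");
  for (let i = 0; i < labels.length - 1; i++) {    // stop before the bare TLD
    if (BLOCKED_FQDNS.has(labels.slice(i).join("."))) return true;
  }
  return false;
}

// resolvedIp: the address the browser resolved for the host; userCountry: the user's country code.
function checkUrl(rawUrl, resolvedIp, userCountry) {
  let host;
  try { host = hostOf(rawUrl); } catch { return { verdict: "invalid", reasons: ["unparseable URL"] }; }
  if (host === null) return { verdict: "invalid", reasons: ["not http(s)"] };
  const reasons = [];
  if (matchesBlockedFqdn(host)) reasons.push("fqdn-reported");
  if (BLOCKED_IPS.has(resolvedIp) || BLOCKED_IPS.has(host)) reasons.push("ip-reported");
  if (reasons.length > 0) return { verdict: "block", reasons };
  // Heuristic only: a server in another country is a hint, not proof, so warn instead of block.
  const serverCountry = IP_COUNTRY[resolvedIp];
  if (serverCountry && serverCountry !== userCountry) {
    return { verdict: "warn", reasons: ["server-country-differs"] };
  }
  return { verdict: "ok", reasons };
}
```

Database hits block outright, while the country heuristic only warns, since legitimate sites are often hosted abroad.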
Some of the popular anti-phishing toolbars are as follows:
EarthLink Toolbar
and an extensive database of contacts at hosting companies, DNS providers, registrars and
ISPs set up such that effective countermeasures can be started within seconds of a report
being verified. Additionally, Netcraft continues to monitor a phishing URL after it becomes
unavailable, and if it reappears, perhaps because the host is compromised and the fraudster is
able to replace the phishing content after the site owner removes it, then the countermeasures
are restarted.
Netcraft will identify, contact and liaise with the company responsible for hosting the
fraudulent content. Netcraft enjoys excellent relations with the hosting community, and many
of the world's largest hosting companies and domain registrars are Netcraft customers.
Netcraft can exercise its existing relationships with these companies to provide a swift and
smooth response to the detection of the site. If the hosting company is reputable, this may be
sufficient to ensure a prompt end to the fraudulent activity.
Netcraft will identify, contact and liaise with the law enforcement agency in the hosting
company's local jurisdiction.
Fraudster's Infrastructure
Netcraft can also report back IP addresses which are under the control of the fraudster. This
can be used to lock accounts accessed from those IP addresses, and to block further access
from the fraudster's machines once identified.
Netcraft also engages with hosting companies to preserve and retrieve any data files, logs or
other information left by the fraudster. Information identifying affected customers is very
useful in mitigating the impact of the attack, and minimising monetary loss.
The takedown process is easy to follow for clients, who can track progress by web, electronic
mail or RSS feed. The availability of the phishing site is monitored and graphed and new
attacks are notified via mail, SMS and optionally SMS-to-voice.
Enforces display of browser navigational controls (toolbar & address bar) in all
windows, to defend against pop-up windows which attempt to hide the navigational
controls (Firefox only).