Anti-phishing Impacts on Web Site Owner
Published October 9th, 2006 in Technology.

The emergence of phishing in online communications media allows scammers to reach many more people than ever before and at lower cost, whether through spam, e-mail and instant message scams; faked Web pages; or other online avenues. But the media usually focus on phishing’s consumer impact and seldom look at how the various anti-phishing solutions affect web site owners.

Being a victim of what I call “Anti-phishing Fraud” makes me want to find out how various anti-phishing solutions work. The official explanation for marking one of my pages suspicious, according to the Microsoft Phishing Filter FAQ, is:
A suspicious Web site has some of the typical characteristics of phishing Web sites, but it is not on the list of reported phishing Web sites. The Web site might be legitimate, but you should be cautious about entering any personal or financial information unless you are certain that the site is trustworthy.
In addition to IE7, the toolbar and browser solutions in the market include the offerings from EarthLink, eBay, GeoTrust, Google Safe Browsing using Firefox, McAfee SiteAdvisor, Netcraft, and Netscape. The accuracy of these solutions varies from good to useless. The latest study quoted on IEBlog based on Anti-phishing Accuracy Score indicates IE7 is the market leader in terms of accuracy.
Netcraft Toolbar comes second, with a minor score difference from IE7. For Firefox fans, you are pretty safe with Google Safe Browsing, which comes in third position. Last on the list is McAfee SiteAdvisor, with a score 57x less than the top scorer. You can find the rest of the scores at 3Sharp LLC, the technical services firm which carried out the study.
Internet Explorer 7 (beta)
IE7 includes the Microsoft Phishing Filter, which is also available as part of the Windows Live Toolbar. The Phishing Filter uses a combination of Microsoft’s URL Reputation Service (URS) and local heuristics built into the IE 7 browser. These methods allow it to identify and warn users in real time of suspected phish URLs, and block them from accessing confirmed phishing sites that have been reported to the URS by either users or third-party data providers.
There are two levels of warning: yellow warning (which is what I get) and red warning. Yellow warning reflects a “maybe,” rather than a “proven,” phishing label. I believe this is merely an assessment from the local heuristics. My site is clearly not a phishing site and you are welcome to vote it out. Red warning indicates a confirmed phishing site.
Netcraft Toolbar
Netcraft’s free toolbar leverages Netcraft’s very large database of Web servers to flag suspected or actual phishing sites. The toolbar has several built-in safety checks that will alert you if a URL contains suspicious characters, or a page is possibly susceptible to Cross-Site Scripting (XSS) attacks. The toolbar displays several useful characteristics of the current page, including the country where the Web server is hosted, the true IP address, and a bar-graph Risk Rating indicator. As a user, you mainly judge a site based on its hosting geographic location.
The Risk Rating displayed by the Netcraft Toolbar offers a further level of protection against new sites that are not yet in Netcraft’s database. Hosting a web site on an unusual port number will also increase the Risk Rating, as will hosting a site from a raw IP address, as many phishing sites employ this tactic.
The Netcraft Toolbar is available for Microsoft Internet Explorer and Mozilla Firefox.
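For a site owner, the practical use of the traits described above is a self-audit of your own URLs before a toolbar flags them. The following is an added example, not Netcraft's algorithm or code from the original post: it checks for a raw IP host and a non-default port, and it assumes that "suspicious characters" means userinfo (`@`) or percent-encoding in the host part. The function names and sample URLs are constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit

# Assumption: any port other than the scheme's default counts as "unusual".
DEFAULT_PORTS = {"http": 80, "https": 443}

def is_raw_ip(host):
    """True if the host is an IPv4/IPv6 literal rather than a DNS name."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def audit_url(url):
    """Return the list of risk-raising traits found in one URL."""
    parts = urlsplit(url)
    findings = []
    if is_raw_ip(parts.hostname or ""):
        findings.append("raw-ip-host")
    try:
        port = parts.port
    except ValueError:  # non-numeric or out-of-range port
        port = None
        findings.append("invalid-port")
    if port is not None and port != DEFAULT_PORTS.get(parts.scheme):
        findings.append("unusual-port")
    # Assumption: '@' (userinfo) or '%' in the authority is a "suspicious character".
    if "@" in parts.netloc or "%" in parts.netloc:
        findings.append("suspicious-characters")
    return findings

def audit_site(urls):
    """Map each flagged URL to its findings; clean URLs are omitted."""
    return {u: f for u in urls if (f := audit_url(u))}

# Constructed sample: URLs a site owner might pull from a sitemap.
SAMPLE_URLS = [
    "https://www.example.com/login",
    "http://192.0.2.10/shop/checkout",
    "https://www.example.com:8443/account",
    "http://www.example.com@203.0.113.5:8080/",
    "http://[2001:db8::1]/",
]

if __name__ == "__main__":
    for url, findings in audit_site(SAMPLE_URLS).items():
        print(url, "->", ", ".join(findings))
```

Any URL this reports is worth moving to a proper hostname on the default port before you have to dispute a warning.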
Google Safe Browsing for Mozilla Firefox (beta)
Google Safe Browsing uses several techniques to determine whether a page is genuine, including the use of a blacklist containing pages that have been identified as suspicious and/or misleading based on automated detection or user reports. It also examines pages’ content and structure in order to catch potentially misleading pages.
The toolbar is only needed for Firefox 1.5. Firefox 2.0 (in beta) will have the same feature fully integrated into the browser.
The Trouble
The problem arises when a user marks a clean site for a purpose other than anti-phishing. As a web site owner, you will have a nightmare filling in forms to explain that a page is otherwise. Each anti-phishing solution has a way to report an incorrectly blocked URL, ranging from extremely tedious to simple.
For example, in IE7 you can click the link on the warning sign to report as a site owner or a user. As a site owner, you need to fill in a webmaster form that includes personal details, four compulsory questions and 2 optional questions, which include asking for the URL of your website privacy statement.
Netcraft Toolbar is a bit easier. Apart from personal details of the site owner, you also need to provide reasons for reporting the URL as incorrectly blocked. Google Safe Browsing is the simplest of all. You don’t need to submit anything other than the URL.
Once a dispute is submitted, a team of human graders will inspect the site in question. I personally do not know how long this will take. However, imagine you have a 1000-page web site with 50 pages marked as phishing pages. You will have enough headaches.