Anti-phishing toolbars broken?

Anti-phishing toolbars broken?
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 General Computer Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
Anti-phishing toolbars broken? Gisle Hannemyr 08-29-2007
Posted by Gisle Hannemyr on August 29, 2007, 3:44 am
If you were  Registered and logged in, you could reply and use other advanced thread options

A number of anti-phishing tools are now available. They are supposed
to warn web surfers when they are about to enter a phishing web site,
so they can steer clear.

Unfortunately, they seem less then perfect. Not only is one my own web
pages branded as a "known phishing web site" by one of these tools
(Norton Internet Security Online), but another tool brand a well known
phishing site as "verified".

For some screen dumps, and some random thoughts, see the following
article:
http://hannemyr.com/essay/phishing01.html

Any thoughts on what the cause of why these tools fail to make
the correct call in the two cases I write about?

Any related examples?


REQUESTS:

I would be thankful if someone reading this has Norton Internet
Security Online (NISO) installed, could check out the following
two URLs:
http://hannemyr.com/photo/flash.html
http://hannemyr.com/photo/flash.html#nettl
and tell me if both are still flagged as a phish.

Also:
My current screendump from NISO is in Norwegian. I would like
to replace it with one in English. If someone with NISO
installed can be kind enough to mail me a a dump of the alert
it pops up when you try to access my "flash" page (provided it
still does) - that would be much appreciated. TIA.

--
- gisle hannemyr [ gislehannemyr.no - http://folk.uio.no/gisle/ ]
========================================================================
"Don't follow leaders // Watch the parkin' meters" - Bob Dylan

Posted by Sebastian G. on August 29, 2007, 10:55 am
If you were  Registered and logged in, you could reply and use other advanced thread options
Gisle Hannemyr wrote:

> A number of anti-phishing tools are now available. They are supposed
> to warn web surfers when they are about to enter a phishing web site,
> so they can steer clear.


Bullshit. If you're not warned, it might still be a phishing site. That's by
design.

> Unfortunately, they seem less then perfect. Not only is one my own web
> pages branded as a "known phishing web site" by one of these tools
> (Norton Internet Security Online),


Well, of course, this is one of the famous Norton malware packages.

> Any thoughts on what the cause of why these tools fail to make
> the correct call in the two cases I write about?


Because the people are only selling something that gives a good feeling, not
actually provides security.


The site map in XML format XML site map

Contact Us | Privacy Policy