Phishing & BotNets
RE: Anti-phishing Toolbars Evaluation Jul 26 2006 11:00PM
Mark Hofman (mhofman shearwater com au) (1 replies)

I'll qualify this by saying I haven't done much testing of IE7, but from
what I have seen so far, it just sees any page asking for a userid and
password (providing it recognises the userid and password fields) as a
Phising page.

Mark

-----Original Message-----
From: Joshua Perrymon [mailto:josh.perrymon (at) purehacking (dot) com [email concealed]]
Sent: Wednesday, 26 July 2006 12:06 PM
To: 'Abhishek Kumar'; 'Paul Laudanski'
Cc: phishing (at) securityfocus (dot) com [email concealed]
Subject: RE: Anti-phishing Toolbars Evaluation

We perform controlled phishing attacks on our global attacks almost
daily. I
can say the IE7 phsihing filter has never detected any of our sites. I'm
guessing this is due to a white-listing approach and all of our attacks
are
one-off.

My thoughts on an effective anti-phishing browser solution would also
need
to have the ability to be updated. Example- If the company had a widget
that
would detect directed phishing attacks.. Then this information could be
disseminated to the toolbar to stop users from visiting the site. This
could
also be synced to remote users.

Or is this redundant because it should be done in a content management
solution?

Cheers,

JP

Joshua Perrymon, C.E.H.
Sr. Security Consultant

-----------------------------------------

Pure Hacking - The Leaders In Internet Security

-----Original Message-----
From: Abhishek Kumar [mailto:abhishek.kumar (at) paladion (dot) net [email concealed]]
Sent: Tuesday, 25 July 2006 10:52 PM
To: 'Paul Laudanski'
Cc: phishing (at) securityfocus (dot) com [email concealed]
Subject: RE: Anti-phishing Toolbars Evaluation

Paul, thanks for pointing out additional toolbars and the list of
Phishing
URLs.

It will make my next evaluation of the toolbars more exhaustive.

- Abhishek

-----Original Message-----
From: Paul Laudanski [mailto:paul (at) castlecops (dot) com [email concealed]]
Sent: Tuesday, July 25, 2006 12:22 AM
To: Abhishek Kumar; phishing (at) securityfocus (dot) com [email concealed]
Subject: Re: Anti-phishing Toolbars Evaluation

One of the CastleCops staff kindly reminded me of a review thread that
has
been done on this topic as well:

http://www.castlecops.com/postlite107217-phish+toolbars.html

Not exactly up-to-date, but it contains a few pages of discussions
surrounding toolbars.

Paul Laudanski, Microsoft MVP Windows-Security
Phish XML Feed: http://www.castlecops.com/article6619.html
Phish Takedown: http://castlecops.com/pirt
www.CastleCops.com | de.CastleCops.com | wiki.CastleCops.com

----- Original Message -----
From: "Paul Laudanski" <paul (at) castlecops (dot) com [email concealed]>
To: "Abhishek Kumar" <abhishek.kumar (at) paladion (dot) net [email concealed]>;
<phishing (at) securityfocus (dot) com [email concealed]>
Sent: Monday, July 24, 2006 2:05 PM
Subject: Re: Anti-phishing Toolbars Evaluation

> Thank you for your assessment. Its a good start, but to get a better
> profile of the toolbars I'd highly recommend increasing your phish
> sampling size.
>
> You can always use our confirmed/terminated lists:
>
> http://www.castlecops.com/modules.php?name=Fried_Phish&fp=phish
> http://www.castlecops.com/modules.php?name=Fried_Phish&fp=phish&which=
> 6
>
> You may also want to check out some other toolbars like that from
> Firetrust and Compete or Google Firefox Toolbar:
>
> http://toolbar.google.com/firefox/
> http://www.firetrust.com/firetrustsitehound.html
> http://home.compete.com/
>
> Some of these pull the same sources.
>
> Paul Laudanski, Microsoft MVP Windows-Security
> Phish XML Feed: http://www.castlecops.com/article6619.html
> Phish Takedown: http://castlecops.com/pirt
> www.CastleCops.com | de.CastleCops.com | wiki.CastleCops.com
>
> ----- Original Message -----
> From: "Abhishek Kumar" <abhishek.kumar (at) paladion (dot) net [email concealed]>
> To: <phishing (at) securityfocus (dot) com [email concealed]>
> Sent: Monday, July 24, 2006 5:08 AM
> Subject: Anti-phishing Toolbars Evaluation
>
>
>> Hi All,
>>
>> Recently I carried out an evaluation of some of the popular
>> Anti-phishing toolbars. The toolbars were tested on a number of
>> parameters such as, accuracy in detecting phishing URLs, alerting
>> mechanism, detailed analysis of websites, help information provided
>> to users etc. The results obtained from the evaluation can help the
>> users in selecting the right anti-phishing
>> toolbar.
>>
>> You can read the details of the evaluation on my blog on phishing at
>> http://phishtrails.blogspot.com/. All flowers, brickbats and
>> suggestions are welcome.
>>
>> Thanks
>> Abhishek
>>
>

[ reply ]
RE: Anti-phishing Toolbars Evaluation Jul 27 2006 07:24AM
Joshua Perrymon (josh perrymon purehacking com)


 

Privacy Statement
Copyright 2010, SecurityFocus