Phishing & BotNets
Anti-phishing Toolbars Evaluation Jul 24 2006 09:08AM
Abhishek Kumar (abhishek kumar paladion net) (2 replies)
Re: Anti-phishing Toolbars Evaluation Jul 27 2006 10:42AM
xun dong (xundong cs york ac uk) (3 replies)
RE: Anti-phishing Toolbars Evaluation Jul 28 2006 12:30PM
Abhishek Kumar (abhishek kumar paladion net) (1 replies)
Re: Anti-phishing Toolbars Evaluation Jul 28 2006 06:10PM
Paul Laudanski (paul castlecops com)
IRS phishing attack Jul 27 2006 07:55PM
Pete Herzog (lists isecom org) (1 replies)
Re: IRS phishing attack Jul 28 2006 06:00PM
Paul Laudanski (paul castlecops com)
Re: Anti-phishing Toolbars Evaluation Jul 27 2006 07:22PM
Saeed Abu Nimeh (drellman hotmail com) (1 replies)


xun dong wrote:
> There is one important feature of Anti-phishing toolbars has missed :
> The time gap between the launch of a phishing attack and it is been
> recognized by the toolbars. It is the most profitable period for phisher
> and most damage have done during that period. The quicker the toolbar
> can respond, the better protection it can provide.
>

This is similar to 0-day. Till the attack (in our case phishing site) is
added to the engine (db) it is undetectable. How to estimate and solve
this, I do not know!

> Although it would be hard to calculate the exact time gap, but it would
> be possible to discover who generally respond first. This is still hard
> to do, but it is feasible. Any body has better ideas of doing this?
>
> It would be also useful to evaluate how the toolbars get updated. It
> would also useful to point out whether the toolbar is database driven,
> rule based or use other AI techniques. This information can reveal in
> principle how well the toolbar can handle known and unknown phishing
> attacks.
>
> The last suggestion I would made is add an entry about which platform it
> support.
>
> -xun dong.
>
> Abhishek Kumar wrote:
>> Hi All,
>>
>> Recently I carried out an evaluation of some of the popular Anti-phishing
>> toolbars. The toolbars were tested on a number of parameters such as,
>> accuracy in detecting phishing URLs, alerting mechanism, detailed
>> analysis
>> of websites, help information provided to users etc. The results obtained
>> from the evaluation can help the users in selecting the right
>> anti-phishing
>> toolbar.
>>
>> You can read the details of the evaluation on my blog on phishing at
>> http://phishtrails.blogspot.com/. All flowers, brickbats and
>> suggestions are
>> welcome.
>>
>> Thanks
>> Abhishek
>>
>
>
>

[ reply ]
Re: Anti-phishing Toolbars Evaluation Jul 27 2006 09:50PM
Paul Laudanski (paul castlecops com)
Re: Anti-phishing Toolbars Evaluation Jul 24 2006 06:05PM
Paul Laudanski (paul castlecops com) (1 replies)
Re: Anti-phishing Toolbars Evaluation Jul 24 2006 06:51PM
Paul Laudanski (paul castlecops com) (1 replies)
RE: Anti-phishing Toolbars Evaluation Jul 25 2006 12:51PM
Abhishek Kumar (abhishek kumar paladion net) (1 replies)
RE: Anti-phishing Toolbars Evaluation Jul 26 2006 02:05AM
Joshua Perrymon (josh perrymon purehacking com)


 

Privacy Statement
Copyright 2010, SecurityFocus