Wikipedia defines phishing as "a criminal activity using social engineering techniques. Phishers attempt to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an electronic communication. Phishing is typically carried out using email or an instant message, although phone contact has been used as well."
Usually, emails that contain links phishing sites have deceptive subjects like "Important message from your Bank", use fake email addresses, copy logos and text from the sites they want to imitate. The URLs included in the emails may contain redirects, IP addresses or may look similar to the genuine URLs.
FraudWatch International reports that, on average, phishing sites remain active for 5 days before they are shut down.
To protect you against the increasing number of phishing sites, the latest versions of many browsers have added phishing protection.
IE7
* the Phishing Filter is opt-in.
* two ways:
- automatically check sites you visit against the list of known phishing sites on the Microsoft server.
- check individual sites, if you have a reason to think they may be used for phishing.
* there's also an heuristic way to detect common elements included in phishing sites. In this case, IE7 shows a warning.
* IE7 has a whitelist, that includes sites like microsoft.com
* privacy: "When you use Phishing Filter to check websites automatically or manually, the address of the website you are visiting will be sent to Microsoft, together with some standard information from your computer such as IP address, browser type, and Phishing Filter version number. To help protect your privacy, the address information sent to Microsoft is encrypted using SSL and limited to the domain and path of the website. Other information that may be associated with the address, such as search terms, data you entered in forms, or cookies, will not be sent."
* the Phishing Filter is also available as an add-on for MSN Search Toolbar, in IE6.
Firefox 2
* the Phishing Protection is on by default.
* two ways:
- by default, Firefox checks each webpage you visit against a local list of pages, that's regularly updated (approximately twice per hour)
- you can also choose a real-time protection, but that means you send every URL you visit to Google or to other provider (for the moment, Google is the only provider).
* Firefox doesn't use heuristics to see if a web page may be used for phishing.
* privacy:
"Firefox sends the URL of the web page, in addition to your IP address and other Non-Personally-Identifying Information, to the selected third party service provider. Firefox displays a warning if the third party service provider returns with a response indicating that the URL you are accessing is a suspected web forgery. Finally, if you take any action in response to a phishing protection warning message, the selected phishing protection service provider may record that action and the URL of the page, and a cookie may be placed on your computer. While it is possible that a URL sent to your service provider may itself contain Personally-Identifying Information, Mozilla's third party service providers have entered into a written agreement with Mozilla not to use Personally-Identifying Information for purposes other than to enhance and maintain their service."
* the real-time phishing filter is also available in Google Safe Browsing and Google Toolbar for Firefox.
Opera 9.1
* anti-phishing will be included in Opera 9.1, as reported by Johan Borg, an Opera developer.
* Opera will include only real-time protection and will send to opera.com the domain name and a hash of the current page. "The reply from the server is an XML document containing the trust level of the domain. This reply will be cached by Opera for a time indicated by our server."
* privacy:
Opera won't store IP addresses or store cookies and chose to sent requests over HTTP, in plain text.
Other interesting solutions:
* Netcraft Toolbar (IE, Firefox) that shows a Risk Rating for each site you visit.
* eBay Toolbar (IE 6.0), that includes Account Guard, a feature that lets you know when you're on a eBay site and when they site you visit is a known phishing site.
* Earthlink Toolbar (IE, Firefox) includes ScamBlocker, a real-time detection feature that shows whether a site is dangerous, questionable, safe or whether there isn't too much information to judge it.
From my empirical testing, Firefox 2 (and also Google Toolbar for Firefox) and Netcraft Toolbar offer the best protection.
If you don't want to use anti-phishing features included in your browser or in other toolbars, it's a good idea to read these tips from Anti-Phishing Working Group.
Labels
Web Search
Gmail
Google Docs
Mobile
YouTube
Google Maps
Google Chrome
User interface
Tips
iGoogle
Social
Google Reader
Traffic Making Devices
cpp programming
Ads
Image Search
Google Calendar
tips dan trik
Google Video
Google Translate
web programming
Picasa Web Albums
Blogger
Google News
Google Earth
Yahoo
Android
Google Talk
Google Plus
Greasemonkey
Security
software download
info
Firefox extensions
Google Toolbar
Software
OneBox
Google Apps
Google Suggest
SEO Traffic tips
Book Search
API
Acquisitions
InOut
Visualization
Web Design Method for Getting Ultimate Traffic
Webmasters
Google Desktop
How to Blogging
Music
Nostalgia
orkut
Google Chrome OS
Google Contacts
Google Notebook
SQL programming
Google Local
Make Money
Windows Live
GDrive
Google Gears
April Fools Day
Google Analytics
Google Co-op
visual basic
Knowledge
java programming
Google Checkout
Google Instant
Google Bookmarks
Google Phone
Google Trends
Web History
mp3 download
Easter Egg
Google Profiles
Blog Search
Google Buzz
Google Services
Site Map for Ur Site
game download
games trick
Google Pack
Spam
cerita hidup
Picasa
Product's Marketing
Universal Search
FeedBurner
Google Groups
Month in review
Twitter Traffic
AJAX Search
Google Dictionary
Google Sites
Google Update
Page Creator
Game
Google Finance
Google Goggles
Google Music
file download
Annoyances
Froogle
Google Base
Google Latitude
Google Voice
Google Wave
Google Health
Google Scholar
PlusBox
SearchMash
teknologi unik
video download
windows
Facebook Traffic
Social Media Marketing
Yahoo Pipes
Google Play
Google Promos
Google TV
SketchUp
WEB Domain
WWW World Wide Service
chord
Improve Adsence Earning
jurnalistik
sistem operasi
AdWords Traffic
App Designing
Tips and Tricks
WEB Hosting
linux
How to Get Hosting
Linux Kernel
WEB Errors
Writing Content
award
business communication
ubuntu
unik