Jump to content

Anti Phishing:Test your Knowledge and Learn about all the Tools to prevent Phishing ..


majithia23

Recommended Posts

phishing.png

Phishing (fish'ing) is the act of sending a fraudulent email to someone, falsely claiming to be an established and often trusted business or institution in an attempt to scam the user into surrendering private information that will be used for identity theft. In most cases the email directs the recipient to visit a website where they are asked to update personal information, such as username and password, credit card, social security, and bank account numbers. The website, however, is bogus and set up only to steal the victim's information.

The sender (phisher) of these fake e-mails wants you to click on the link in the e-mail and go to a phishing Web site - which will look just like the Web site of the company being phished. Once on the phishers Web site they hope to obtain your account, financial, credit and even identity information. Of course not every e-mail you receive is a phish. In fact you should expect your bank or e-commerce vendor to send you legitimate e-mail.

But how can you tell the difference?

And with more evolved Phishing Techniques it becomes all the more difficult ...

Well that's what the Phishing IQ test is all about - give it a try.

Test your Knowledge and then Learn About new things regarding Phishing ..

1-- Sonic Wall Phishing IQ Test

3fxqC.png

Sonic Wall

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

2-VeriSign Phishing Test

UA8ZP.png

VeriSign

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

3-netRiplex Phishing Test

5pMYJ.png

netRiplex

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

4) PhishTank

xCVL7.png

What is PhishTank?

PhishTank is a collaborative clearing house for data and information about phishing on the Internet. Also, PhishTank provides an open API for developers and researchers to integrate anti-phishing data into their applications at no charge.

Check for a URL authenticity . if you suspect it to be a phish link .

Drop it in the search box on the web site and see for the results ..

>>>other way ,

grab a LINK from the already reported ones and test it in your browser ,

see if your security set up / browser / software , alerts you for the bad forged fake link ...

PhishTank

stay safe .....

Link to comment
Share on other sites


  • Replies 7
  • Views 3.1k
  • Created
  • Last Reply

now the tools .

i will be mentioning the tools , which i use and some what depend upon , and which i have found to be actually working and so are helpful .

1- Browsers in built protection .

firstly,

yes . most modern browsers like Firefox , Chrome , Opera have in built web protection feature . dont know if IE 9 has it . never used it .

just turn on the feature where it mentions , " web forgery " or " fraudulent web sites " and you are good to go .

many and most of the times , the browser is able to identify a web forged domain and alert you to it .

( and i have seen in testing , that opera performed better at blocking phishing attacks . could be a co incidence also , but it did block two forged domains which were allowed by FF and chrome . ! )

( ## can fail . see below .----) <<<<<

secondly

, when you open a a url , the browser will very clearly show you the different parts of a url in visual clues .

lets take an example --

34dfl04.jpg

now here , the top domain - HDFCbank.com is in black , telling you this is the top domain and host name and this is the real web site . that is if you entered hdfcbank,com in your browser , then yes this is the real domain and rest all is grayed out .

this is a very important clue and the best protection against phishing fraud .

we will see later as to how . i will try to demonstrate it , with a fraud web site ...

( ## will not fail . see below --) <<<<

2 - WOT

now this tool is s a website rater .

raters are the people like you and me . , who award points to a website depending upon, whether a site is legitimate and whether or not we can trust a domain or not .

so it becomes helpful as you can check for a sites authenticity .

but as it is rated by people like me and you , it does report some false positives . but they are easy to figure out .

and also thats alright to deal with ,

as it does offer some good protection .

better safe than sorry .

( and i havent seen any slow down in browsing speeds with it . )

( ## can fail , see below -- ) <<<<

3 - McAfee Site Advisor

A live web scanner which checks for malware and forged links in a browser .

a good companion to WOT or even stand alone , if you dont want WOT .

as it maintains a huge database of links , it is good be ensured by it .

safe and clean , works good .

( tried AVG link scanner also , but this performed better for me . )

( ## can fail , see below -- ) <<<<

4- FF extension IDND

This is what IDND is about -

"About this Add-on

Puts a little flag in the status bar that tells you whether you are visiting a Traditional Domain Name (green TDN) or an International Domain Name (UN-blue IDN with translation to Punycode). IDN's can be used for phishing or spoofing, so suspicious IDN's cause an optional alert box to appear further warning you to take care. This is in no way sufficient protection against all kinds of spoofing, but does add to your browser's defences. "

and also , after opening a web page , if you find it suspicious ., just right click in the address bar and click on IDND : TDN option , and you will be shown the actual domain name .

(## might fail . dint see it as of now .. - ) <<<<

demonstrated below ----

5- Open DNS

just register yourself and download the small ip updater utility and configure your filter rule sets and you are good to go .

provides a good level of protection which Open DNS is known for and even advertises it .

or if not interested in OpenDNS , use any other good DNS .

Clear Cloud was a very good service but i think its closing as of now .

you can go for Norton DNS or Comodo DNS or even Google DNS .

cant say about speeds , though Google is known to be fast .

but Open DNS is good enough .!

6 - The most important and the most efficient protection against phishing is - Common Sense .

keeping a vigilant eye over your browser and the page it opens and the links you click to open .

these tools are add ons , and are just add ons .

they add to existing set up and do not do the whole job .

as with any thing else , they are bound to fail this time or any other time .

and so you should not solely rely on them .

lets take some practical examples .----

>>> WOT , ID:ND , and Firefox inbuilt protection doing the job .

a phishing web site hum-buggering the PayPal web site

Notice - ID:ND reporting the top domain . in the white dialog box .

ZirNU.png

WOT is RED and Firefox also blocked the page .

>>>>McAfee at work

again a PayPal Phishing site .

PvLQU.png

>>>> [ When WOT , McAfee , and browser in Built Protection Features all FAIL in blocking or identifying the forged web page ..!.]

a site impostering to be an EBay log in page .!

68c4ds.jpg

now if you notice clearly --

the page looks exactly as the genuine EBay log in when in fact it is a Phishing Hook ..!

but ------>

-Firefox dint stop the page .

-WOT doesnt report any thing .

so this should make you stop and have a suspicious eye ,

just think --- ' how come a site as popular as ebay have no WOT rating ? !!! '

so you should stop and look and be very careful before entering any info on such a page .

no rating should caution you ,

again not exactly reliable .

-McAfee is in fact Green .

now this is bad . bad if you trust McAfee to safe guard your browsing .!

so an uninformed user will promptly and easily enter all his personal details on to the fake web page . coz it looks so genuine and also the security add ons did not report any warnings !

but this is a very well designed Phishing web site . for sure .

so how to defeat it ----- ?

here comes the savior ---.

--- >>>>>>>>>> Examine the URL in the browser address bar .<<<<<<<<<<<<----

" it is clearly high lighting in black the top domain as ":fgheq.co.uk " and everything else is grayed out . "

meaning the web page is not an official EBay page ...!

saved !!!

even querying the ID:ND status for this page reported the top domain as - fgheq.co.uk ,and not - as ebay.co.uk .

( Now there can be an even more elaborate/advanced phishing hook scam , Man in the Middle Attack , and that too especially on an Secure HTTPS connection . SSL technology was designed to encrypt connection between computers so as to prevent Man in the Middle Attacks . but as the Wisdom goes , Nothing is secure and now even SSL can be evaded to do a fraud ..

But there are tools to prevent that also ..

Please read here - Post 6 )

so always examine the address bar to check for any errors , especially on web sites where you need to enter your personal details .

and , here we are ,

what to look for and what not to .

use the tools carefully , and please dont trust them blindly and become a scape goat .

keep a secure vigilant eye on the browsing , and you should be able to steer away from such frauds ...

this is just a part of my experience i shared .

please follow the links in the first post to know more about basic and advanced phishing details ...

Stay safe ,,,, smile.gif

Link to comment
Share on other sites


  • Administrator

Great and informative post(s). :thumbsup:

Liked the part where WOT not having any ratings on ebay like site. :D

Link to comment
Share on other sites


@Dkt

this is what i said buddy .!

i tested and learned about phishing in the past few days and this is what i have found ...!

these are add ons , or even in fact if they were a full fledged anti phishing suite ,

they can never protect you 100 % !!! -_-

see ,

McAfee is Green ,

reporting it to be safe and Legit ...!!

Phishing is bigger threat or might be equivalent threat when compared to malware .

but a good phishing scam can rob any one of quite a big sum of money or even identity theft ...! :ph34r:

so, --- use the best defense we are born with ---- Common Sense ..!

observe what you do , and you should be safe ...

in this case the best defense is URL examination in the address bar ....! :sneaky:

Link to comment
Share on other sites


continuing with the tools section , i would like to inform users of two more Firefox add ons ---

these are not exactly anti phishing tools , but help to prevent a more advanced type of forgery --- Man in the Middle Attacks , especially on an secure HTTPS connection .

an SSL encrypted connection is verified by issuing Certificates by Licensing Authorities like GoDaddy , GeoTrust etc.... , which authenticate the genuineness of a web site .

the browser trusts many certificates of this type from many different authorities without it actually knowing that whether it was issued from a competent authority or whether it retains its authenticity right from its point of issuence .

and recently there have been reports of these certificates being hijacked and then falsely issued to non deserving web sites

  • May 2011: Indications point to the Syrian government actively performing man-in-the-middle attacks (More Info)
  • March 2011: Certificate Authority is hacked, leading to the issuing of fraudulent certificates for sites including google.com, yahoo.com and msn.com (More Info) "

so it is likely that a false certificate be displayed on a phishing web site , making it all the more difficult to identify as a fraud . !!

here comes the help of these two Add-Ons ----

1) - Perspectives

About this Add-ON

Perspectives is a new approach to help clients securely identify Internet servers in order to avoid "man-in-the-middle" attacks.

Perspectives takes a different approach to how the web browser determines if an SSL certificate is valid. Instead of requiring browser users to trust an anointed group of certificate authorities, Perspectives gives users the ability to pick a group they trust (e.g., the EFF, Google, their company, their university, their group of friends, etc.) and trust no one else.

and Securely bypasses Firefox HTTPS security errors by verifying certificates using a collection of Network Notaries .

Perspectives Project

2) - Certficate Patrol

About this Add-ON

Your browser trusts many certification authorities and intermediate sub-authorities quietly, every time you enter an HTTPS web site. This add-on reveals when certificates are updated, so you can ensure it was a legitimate change.

It is unclear how many intermediate certification authorities really exist, and yet each of them has "god-like power" to impersonate any https web site using a Man in the Middle (MITM) attack scenario.

That's why Certificate Patrol gives you insight of what is happening.

Stay Safe ... :)

Link to comment
Share on other sites


a good firewall...sandboxie and a little common sense is all that I need....very informative post tho...

OH...plus the fact that I have no $$$$$$$$$$$$ for anyone to get ahold of... :rolleyes:

Link to comment
Share on other sites


a good firewall...sandboxie and a little common sense is all that I need....very informative post tho...

OH...plus the fact that I have no $$$ for anyone to get ahold of... :rolleyes:

A firewall and a sandboxie would not prevent you from a Phishing Attack , my friend ..

they are good for malware and network protection . Phishing is different ...! ;)

of course Common Sense can and will do protect you ., but then even so ,you need to train a soldier before sending him out to to the battle field

and that is what the tutorial tries to do .

teach about Phishing and all the tools necessary to stop it trough testing and resources .

just go thru it , you will learn a lot ... ;)

p.s. -- and $ theft is only a part of phishing scams . Read about Identity Thefts ....

Link to comment
Share on other sites


Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...