Slashdot Mirror


Netcraft Releases Anti-Phishing Toolbar

AgainstHate writes "Netcraft has released an Anti-Phishing Toolbar that provides detailed information about the website you are visiting (sites' hosting location, country, longevity and popularity) at all times to help users to validate fraudulent URLs. It also natively traps cross site scripting and other suspicious URLs. The toolbar also enables users to report phishing attacks to Netcraft, thus blocking any other unsuspecting users from being harmed (Netcraft supervisor validation is used to contain the impact of any false reporting). Currently the toolbar is only available for IE but a Firefox version is under development."

26 of 236 comments

  1. Nostradamus Predicts by the_mad_poster · · Score: 5, Insightful

    This will have little effect because:

    1) The people who really need it will never hear about it.

    2) Even if 1 fails to return true, the people who really need it will never be able to find it amongst the 82 other toolbars that various companies have so helpfully installed for the sucke.... uh... users.

    --
    Alito: A vote for Alito is a punch in the eye to put that bitch back in her place!
    1. Re:Nostradamus Predicts by Gentlewhisper · · Score: 5, Interesting

      They really don't need a firefox version anyway..

      People who use firefox fall under those who don't really need it :)

    2. Re:Nostradamus Predicts by The+Snowman · · Score: 5, Insightful

      They really don't need a firefox version anyway..

      People who use firefox fall under those who don't really need it :)

      Maybe for the time being. Right now, Firefox largely is a geek browser. However, recent news shows that it is becoming more popular and mainstream. Software can only do so much to curb user ignorance. Firefox is not perfect, nor does it stop phishing and other scams. Plugins, such as this toolbar, could help prevent Joe Sixpack from scammers and phishers. After seeing enough message boxes about malicious sites, hopefully he will learn the skills he needs so he will not need the toolbar anymore.

      If Firefox does not keep the scammers and phishers away, new users will abandon it and go back to what they already know: IE.

      --
      24 beers in a case, 24 hours in a day. Coincidence? I think not!
    3. Re:Nostradamus Predicts by the_mad_poster · · Score: 5, Interesting

      Not true at all. I happen to be the proud owner of a very serious exploit in the shopping cart of a major online retailer - an exploit of a simple-fix problem they refuse to even look at.

      The gist is this - there's a variable in the GET string of the cart which does no input sanitization or checking at all. I derived a GET string which caused an invisible iframe to be embedded in the shopping cart page of this retailer. Inside the iframe, however, was a page pointing to one of my sites on which a fake form resided. The page/form claimed you would "Get a free gift for only 99 cents S&H" and asked for name, address, phone number, and credit card. The ONLY indicator that it's fake is:

      1. The hard to read GET string which, if you know HTML and the concept of CGI, you could figure out points to a "bad" page if you looked at it.

      2. The javascript alert that says "owned" after you click the "submit" button.

      I even photoshopped some of their own button graphics and used their CSS files to maintain the look of the site.

      They have yet, after almost a year, to fix the problem.

      Firefox is just as vulnerable as anything else, and this particularly nasty XSS attack was fairly hard to detect. Do not rely on your browser to save you from yourself.

      --
      Alito: A vote for Alito is a punch in the eye to put that bitch back in her place!
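
The problem the_mad_poster describes above (a GET parameter written into the page with no sanitization) seen from the defending side, as an added example that is not part of the thread: a URL check of the kind a toolbar or proxy could apply, plus the output encoding that removes the bug on the server. The host names, parameter names and match patterns are constructed for illustration.

```javascript
// Added example, not code from the thread or from Netcraft.
// Patterns are illustrative assumptions, not a complete XSS filter.
const MARKUP = /<\s*\/?\s*(iframe|script|object|embed|form|img|svg|style|link|meta)\b/i;
const SCHEME = /^\s*(javascript|data|vbscript)\s*:/i;
const HANDLER = /\bon[a-z]+\s*=/i;

// Percent-decode repeatedly (bounded) so double-encoded markup is still seen.
function fullyDecode(value, maxRounds = 3) {
  let current = value;
  for (let i = 0; i < maxRounds; i++) {
    let next;
    try {
      next = decodeURIComponent(current);
    } catch (e) {
      break; // malformed escape sequence: keep what we have
    }
    if (next === current) break;
    current = next;
  }
  return current;
}

// Return the query parameters whose decoded value looks like injected markup.
function findSuspiciousParams(rawUrl) {
  const findings = [];
  // URLSearchParams performs the first round of decoding itself.
  for (const [name, value] of new URL(rawUrl).searchParams) {
    const decoded = fullyDecode(value);
    const reasons = [];
    if (MARKUP.test(decoded)) reasons.push("html-tag");
    if (SCHEME.test(decoded)) reasons.push("script-scheme");
    if (HANDLER.test(decoded) && /[<"']/.test(decoded)) reasons.push("event-handler");
    if (reasons.length) findings.push({ name, reasons });
  }
  return findings;
}

// Server-side fix: encode the value for the HTML context it is written into,
// so a tag in the parameter is displayed as text instead of being rendered.
function escapeHtml(text) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(text).replace(/[&<>"']/g, (c) => map[c]);
}

// Constructed sample URLs (example.com / example.net are placeholders).
const SAMPLES = {
  benign: "https://shop.example.com/cart?item=1234&note=blue+shirt",
  encoded: "https://shop.example.com/cart?item=1234&promo=%3Ciframe%20src%3D%22https%3A%2F%2Fforms.example.net%2Fgift%22%3E",
  doubleEncoded: "https://shop.example.com/cart?promo=%253Ciframe%2520src%253Dx%253E",
};

for (const [label, url] of Object.entries(SAMPLES)) {
  console.log(label, JSON.stringify(findSuspiciousParams(url)));
}
```

The URL check is only a warning signal for the user; the escaping function is what closes the hole, since it is applied where the value is written into the page.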
    4. Re:Nostradamus Predicts by RangerRick98 · · Score: 4, Insightful

      Software can only do so much to curb user ignorance.

      You make the point very well right there. I don't care what features a browser includes to curb scamming and phishing and the like, if the users don't pay attention to what they're doing it won't make a bit of difference. Toolbars are out of the way and require a conscious decision to check them, and so they probably won't do any good, and popup messages are so common for the most mundane of errors that a lot of users I know won't even read it before clicking OK, even if it's a popup they know they haven't seen before.

      Users need to learn not to assume their computer and the Internet are safe and instead educate themselves on how to recognize scams themselves.

      --
      "You're older than you've ever been, and now you're even older."
    5. Re:Nostradamus Predicts by computational+super · · Score: 5, Informative

      Hmmmm... I'm almost afraid to admit this, but I'm a Firefox user who might be able to use this. There's a lot of information there that I've never been able to figure out how to determine using publicly available resources. According to TFA, Netcraft will report site, domain, ip address, country, date first seen, organization, last reboot, netblock owner, site rank, name server, DNS admin, and reverse DNS. Obviously I can use nslookup to figure out the IP address, and internic.net to look up the domain and figure out name server, dns admin, etc. but country? netblock owner? Date first seen?

      The example shown in TFA, for example, shows netcraft.com being hosted in the UK... obviously, this is more sophisticated than just checking to see if the domain is co.uk. It seems like they actually are providing some value by maintaining a database... figuring out the hosting country from an IP address is supposed to be impossible.

      Of course, I'm not downloading anything until I've seen it reviewed for a while to see if the database they're maintaining is useful in any way, shape or form - if 99% of the sites aren't in their database (and they're just showing me WHOIS lookups), then yeah, I guess I fall into the "don't really need it" category.

      --
      Proud neuron in the Slashdot hivemind since 2002.
    6. Re:Nostradamus Predicts by The+Snowman · · Score: 4, Interesting

      Users need to learn not to assume their computer and the Internet are safe and instead educate themselves on how to recognize scams themselves.

      Yes, but users don't always want to learn. The old saying "ignorance is bliss" is true. Maybe I am jaded from dealing with computer customers and users for so long, but I think most people really don't want to learn those skills. They would rather have someone else or the software do it.

      Most people would rather have someone else change the oil in their cars, even though it takes 10 minutes and half the money than professionals charge. I have changed stuff like alternators, lights, belts, etc. for far less money than professionals would charge. However, most people do not want to spend the time to learn how. Just the same, people would rather trust the professionals to keep them safe in their web browser rather than learning how to do it themselves.

      --
      24 beers in a case, 24 hours in a day. Coincidence? I think not!
    7. Re:Nostradamus Predicts by the_mad_poster · · Score: 5, Insightful
      Except, for people to treat their cars the way they do their computers, they'd have to:
      • Never get an oil change. Ever. Every time the oil burned into the pan and the car stopped running altogether, they'd just replace the whole pan and rebuild the block to clean the ooze out. They would also whine incessantly about having to do this.
      • Never check their tire pressure. Ever. They would simply drive the car until the tires blew, then continue to drive on the rims complaining about how hard it is to control.
      • Drive the cars around bad neighborhoods all the time without taking any precautions. When they get caught in a drive-by, or someone comes along and smashes up their car, they'd whine about the car getting damaged as if it were the car's fault.
      • Every time someone offered to install something, they'd do it. This would include everything from cutesy stickers with corrosive backing to "engine upgrades" that make the car go half as fast, but let you change the color of your headlights. All negative effects would, again, be blamed on the car.
      Computers are complex tools that require maintenance. Hell, some people pay more attention to their toaster's maintenance than the computer's maintenance. At least they clean the damn crumbs out of it from time to time.
      --
      Alito: A vote for Alito is a punch in the eye to put that bitch back in her place!
  2. Reporting to the Business targeted by jlrowe · · Score: 3, Interesting

    I wonder if Netcraft has a method to report to the targeted business (banks, eBay, etc.) so they can follow up on legal action.

  3. Confirmed.. by maskedbishounen · · Score: 4, Funny

    Netcraft confirms it. Only /. readers are ever going to use this.

    *ducks*

    --
    "An infinite number of monkeys typing into GNU emacs would never make a good program."
  4. For Firefox... by excaliber19 · · Score: 5, Informative
    Not perfect by any means, but sure helps:

    Firefox SpoofStick Extension

  5. Heh by Eric(b0mb)Dennis · · Score: 3, Insightful

    Will this really protect people who succumb to phishing in the first place?

    If you're going to fall for one of the oldest tricks in the book, I don't think this new-fangled anti-phishing toolbar is going to do you any help.

    --
    Excuse me, I don't mean to impose, but I am the ocean
  6. Netcraft confirms by AtariAmarok · · Score: 4, Funny
    It is official; Netcraft confirms: Phishing is dying.

    One more crippling bombshell hit the already beleaguered phishing community when IDC confirmed that successful phishing attempts have dropped yet again, now down to less than a fraction of 1 percent of all phish-mails sent out. Coming on the heels of a recent Netcraft survey which plainly states that phishing has lost more market share, this news serves to reinforce what we've known all along. Phishing is collapsing in complete disarray, as fittingly exemplified by failing dead last in the recent Sys Admin comprehensive scam list.

    You don't need to be a Kreskin to predict phishing's future. The hand writing is on the wall: Phishing faces a bleak future. In fact there won't be any future at all for phishing because phishing is dying. Things are looking very bad for phishing. As many of us are already aware, phishing continues to lose market share. Red ink flows like a river of fish-blood.

    CitiBank phishes are the most endangered of them all, having lost 93% of its core spam-relays. The sudden and unpleasant departures of long time phishmeisters developers Gordon "Bassmaster" Hubble and Frank "Fifth Third" Blackman only serve to underscore the point more clearly. There can no longer be any doubt: Phishing is dying.

    Fact: Phishing is dying

    --
    Don't blame Durga. I voted for Centauri.
  7. I would think FF/ Mozilla users by Nurseman · · Score: 3, Insightful

    are a little more tech savvy, on the whole. They have gone to the trouble to download a safer browser, and probably less likely to get sucked into a phish scam. OTOH, I have seen some pretty good ones, and I did click on a Pay Pal one, before I had second thoughts.

    --
    Save a Life. Donate Blood. Please.
    1. Re:I would think FF/ Mozilla users by Errtu76 · · Score: 4, Insightful

      except for the people who use Mozilla/Firefox because their friend/relative has advised it. Can you think of anyone that wasn't too technical whom you advised they should use an alternative to IE?

      Btw, what's wrong with spoofstick?

  8. why not a function in firefox? by Anonymous Coward · · Score: 4, Interesting

    either color the URL in RED with a warning mark when it does not match the real address or give a quick pop explaining this.

  9. Spoofstick by BobMD · · Score: 5, Informative

    Already available from Corestreet for Firefox and IE http://www.corestreet.com/spoofstick/

  10. Wait 48 hours by SilverspurG · · Score: 3, Insightful

    And someone with a malicious website will have figured out how to use this anti-phishing toolbar as a vector for remote code execution.

    --
    fast as fast can be. you'll never catch me.
  11. Adware? by plover · · Score: 5, Informative
    Not necessarily: did you read the EULA?

    8 Advertising and sponsorship

    Part of the Toolbar may contain advertising and sponsorship. Advertisers and sponsors are responsible for ensuring that material submitted for inclusion on the Toolbar complies with relevant laws and codes. We will not be responsible for any error or inaccuracy in advertising and sponsorship material.

    So, be warned: it may contain some kind of adware, and it may be the kind you find hard to ignore. I'm not installing it until I know more.

    --
    John
  12. I already got an email about this one! by AtariAmarok · · Score: 4, Funny
    I already got an email about this one!

    From: admin@netcrapht.com
    To: slashdottroll@hawtmail.com
    Date: 2004/12/28

    Re: We've announcted a new anti-Phishing control bar for your browser! To take advantage of this amazing free offer, just login here and register using your name and Bank One check number! Don't delay. You will also be eligible for a free u-n-i-v-e-r-s-i-t-y diploma!

    --
    Don't blame Durga. I voted for Centauri.
  13. Netscraft confirms... by Stevyn · · Score: 5, Insightful

    ...that this is an old, outdated, and unfunny joke.

  14. ah more toolbar hell... by Anonymous Coward · · Score: 5, Informative

    As if there wasn't enough screen space taken up already.

    Switch to Firefox and enable the non-spoofing features and you don't need a toolbar (don't allow URL to be hidden, etc.)

    In firefox, type in about:config
    then set these to TRUE and never be "fooled" again:

    recommended:
    disable_window_open_feature.location
    disable_window_open_feature.status
    disable_window_open_feature.titlebar
    disable_window_status_change

    optional:
    disable_window_move_resize
    disable_window_open_feature.close
    disable_window_open_feature.directories
    disable_window_open_feature.menubar
    disable_window_open_feature.minimizable
    disable_window_open_feature.personalbar
    disable_window_open_feature.resizable
    disable_window_open_feature.scrollbars
    disable_window_open_feature.toolbar

  15. Non-slashdot users and family tech support by Jtheletter · · Score: 3, Funny
    A lot of people seem to think this tool will be useless or unused by the unwashed masses, which holds a certain amount of truth. One argument being if you're dumb enough to fall for a phishing scam, you're probably not aware enough to know to protect yourself in the first place, or if you've already got firefox installed you're already savvy enough to not fall for them.

    Speaking as my family tech support geek (which I think most of us on /. can relate to) I think this tool will be highly useful for people who know nothing about phishing scams as yet another barrier *I* will install for them.

    While a year wouldn't be enough time to educate all my relatives and friends on the various and ever-changing intricacies of PC web security, it's very useful to be able to install an app and tell them 'Look, if this thing pops up a big red warning, do what it says so you don't get a virus!' I've switched over everyone in my family to Firefox, all they care about is that it works pretty much the same for their needs as IE did. The Google toolbar to block popups, ZoneAlarm to catch other nasties, autorunning Spybot and a CoolWebSearch sweeper - these are all programs that make their web use look savvy but they ultimately have very little knowledge about. Now that my mom has started using the internet to buy things, no doubt she'll eventually get a phishing scam at some point relating to eBay or Amazon, with this toolbar hopefully now I can just set it and forget it and not worry as much that she's going to give all her bank info to some fake eBay site.

    --
    -- I'm not a pessimist, I'm a realist. It's not my fault that life sucks so much. --
  16. You're underestimating the effort involved. by sean.peters · · Score: 5, Insightful
    Most people would rather have someone else change the oil in their cars, even though it takes 10 minutes and half the money than professionals charge.

    Hogwash.

    • driving to the auto parts place to get oil, filters, etc - 20 minutes
    • draining oil, removing filter, installing new filter, adding oil - 10 minutes for this step only if you do this for a living. At least 15 minutes for ordinary mortals.
    • Driving halfway across the county to the only place that will take used oil for recycling - 45 minutes
    • Washing the clothes that got dirty while working on car - 30 minutes (with the possibility of doing other things during wash/dry cycle)
    • 45 minutes/$30 spent getting Jiffy Lube to do it, while I shop, read, etc... priceless

    Yes, I changed my own oil for years. Now I have better things to do with my life. Change a few words around in this reasoning, and you'll understand why "most people" don't want to fool around with their computers.

    Sean

    1. Re:You're underestimating the effort involved. by Total_Wimp · · Score: 3, Funny

      Saving $20 by spending 20 minutes doing it yourself -- Priceless.

      Uh, no, not "priceless". $20. Unless you've got some kind of rare $20 bill that was painted by a famous Italian artist or something.

  17. This is sure driving NetCraft's Ad Revenue... by Christopher_G_Lewis · · Score: 4, Informative

    OK, I'm a WinXP user, SP2, pop-ups turned completely off, run SpyBot, AdAware and look at my BHO's at least once a week because I don't trust computer programs, even though/because I write them for a living...

    Installed it, read the instructions and FAQ (I know, I'm not supposed to do that :-), and have a couple of first impressions. I'm going to apply the "Mother Test" to the tool bar to evaluate its usefulness.

    The tool bar installs with initially two items, Netcraft, and Services. Services is simply a drop down with links to all of Netcraft's services, trying to drum up business. I initially thought that services would hot link to some of the Netcraft tools like uptime and what is that site running, but no, just links to the main pages for them. There are 7 main items under services, and 19 sub-items. Offerings are impressive, but I don't think my mother would care at all about Hosting Providers or Web site auditing.

    I can't evaluate the pop-up blocker since I have pop-ups completely turned off via XP SP2. I also run the Google toolbar, so pop-ups haven't bothered me in quite some time (except those occasional ones that sneak through when you hold down the ctrl key to click a pop-up link. Whoever thought of using the same key to allow all pop-ups and allow one pop-up should be shot.)

    As for the phishing, looks like it will work fine. The toolbar will have to pull down a new definitions file every couple of hours (2 by default), but that should be fine. Reporting a site is relatively easy. This is a thumbs up for the Mother Test.

    The Stats that it displays are pretty worthless. Pretty flags, but other than that, who cares. Rank is meaningless unless they get rid of their own sites. Pretty obvious that the most visited site is http://toolbar.netcraft.com.

    The thing that most disturbs me are the stats that are gathered: http://toolbar.netcraft.com/stats/topsites
    *Without*any*privacy*statement*, I have no idea what they are doing with my browsing information. This certainly scares me enough to uninstall this sucker. I understand that privacy is going away, I just like to fight it tooth and nail. (Except Google, they're cool. Until their IPO. oh wait... :-)

    Oh yea. Regarding my subject: look at line 12 of the stats:
    Rank | Site                        | First Seen | Netblock | Site Report | Country
    12   | http://banners.netcraft.com | June 2003  | Netcraft | Go          | UK