Thursday, May 26, 2005 9:53 AM szurgot

Thought on how to stop phishing in email

I don't know if this has been implemented anywhere, but it occurred to me that one way to prevent phishing attacks would be to have a warning dialog in the email clients that either

  1. When there is a URL in an email, and the underlying href doesn't match the text, i.e. (Text: http://signin.ebay.com/eBayISAPI.dll?SignIn&ssPageName=h:h:sin:US - HREF: http://66.246.90.60/~testing/ebay/secupdate.html), show a dialog box notifying the user.
  2. Same thing if the link text doesn't contain a link in the actual text, but the link itself goes to a dotted IP. Most phishers probably aren't going to register domains...

Just a thought.
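
The two checks proposed above, sketched in Python as an added example (not code from the post or from any mail client). The names `host_of`, `is_ip`, `LinkAuditor`, `audit` and the finding labels are chosen here; it assumes an HTML body and treats link text as a URL only when it contains `://` or starts with `www.`.

```python
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlsplit

def host_of(s):
    """Hostname if s looks like a URL (scheme://... or www....), else None."""
    s = s.strip()
    if s.lower().startswith("www."):
        s = "http://" + s
    try:
        return urlsplit(s).hostname if "://" in s else None
    except ValueError:  # malformed URL, e.g. a broken IPv6 literal
        return None

def is_ip(host):
    try:
        return bool(ipaddress.ip_address(host))
    except ValueError:
        return False

class LinkAuditor(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            text, href, self._href = "".join(self._text).strip(), self._href, None
            shown, target = host_of(text), host_of(href)
            if target and shown and shown != target:      # check 1: text names another host
                self.findings.append(("text-href-mismatch", text, href))
            elif target and not shown and is_ip(target):  # check 2: plain text, dotted-IP href
                self.findings.append(("ip-literal-href", text, href))

def audit(html_body):
    parser = LinkAuditor()
    parser.feed(html_body)
    return parser.findings

# Constructed sample body; the first two URLs are the ones quoted in the post.
IP_HREF = "http://66.246.90.60/~testing/ebay/secupdate.html"
SAMPLE = (f'<a href="{IP_HREF}">http://signin.ebay.com/eBayISAPI.dll?SignIn&amp;'
          f'ssPageName=h:h:sin:US</a> <a href="{IP_HREF}">Click here</a> '
          '<a href="http://www.example.com/news">www.example.com</a>')
```

`audit(SAMPLE)` reports the first two links and passes the third. A link with neutral text that points at a registered domain name passes both checks.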

Comments

# re: Thought on how to stop phishing in email

Thursday, May 26, 2005 10:45 AM by Wim Hollebrandse

Good point. Implementing such a very simple check would at least alert a lot of numpty users there's something fishy (phishy) going on.

There are, however, quite a number of phishers (phishermen?) who do own their own domain names. There's a lot you can do with hyphens in domain names. Names like EBAY-SIGNINONLINE.COM accompanied with the relevant eBay logos seem to trick enough people to make it worthwhile...

# re: Thought on how to stop phishing in email

Thursday, May 26, 2005 11:01 AM by Scott Galloway

Best way I've seen is the Netcraft toolbar (http://toolbar.netcraft.com); this provides a fair chunk of information about the site as well as giving a 'risk' rating based on the URL format... now also comes in Firefox flavour :-)

# re: Thought on how to stop phishing in email

Thursday, May 26, 2005 12:55 PM by Wim Hollebrandse

Scott,

The Netcraft toolbar gives you this risk info obviously once you are actually visiting the phisher's site.

What Chris is talking about is a basic check in the e-mail clients, which I think would be very useful - especially for your average hobbyist computer user.

Wim

# re: Thought on how to stop phishing in email

Thursday, May 26, 2005 1:06 PM by nick martini

Gmail does that currently, I think. It's pretty handy, caught 4 or 5 already :)

# re: Thought on how to stop phishing in email

Thursday, May 26, 2005 5:51 PM by MartinJ

Another possibility would be to compare the domains in the from address to those in the links. I've noticed that most of the scams I get at work don't match.

Come to think of it, that would catch a lot of valid bulk mailers as well.

# re: Thought on how to stop phishing in email

Thursday, May 26, 2005 8:14 PM by .Net Adventures

Check out callingid.com

Identifies and validates the sites safe to deal with
Shows the location and owner of the site you are accessing
Verifies known sites
Provides you with the information you need to decide if a site is safe