How many anti-phishing networks are enough?
Submitted by Mike Rothman on Wed, 2006-04-26 16:40.
Anti-phishing is a problem getting a lot of attention lately, mostly because the existing solutions are not getting the job done. Corporate users are pretty well insulated because of sophisticated anti-spam defenses; it's really the consumers that are at risk.
So it's been the consumer anti-fraud offerings that have most effectively targeted this issue by working with the banks, which are most typically targeted by these attacks. Cyota's eFraudNetwork is like a phishing analogy to the Brightmail spam-catching honeypot network. Lots of honeypots out there to gather and pinpoint phishing messages ahead of the curve.
Now Symantec is leveraging some technology they acquired from WholeSecurity to get back into the game. (link to NetworkWorld story) Whole had launched the "Phish Report Network" in February of 2005, but it had limited effectiveness. So now they think they are going to sell information that is largely available elsewhere and for free from folks like WebSense (they've got a phishing blog) and the Anti-Phishing Working Group.
More importantly, these services don't address the issue from either side. Just getting information does not alert the right folks nor help to take down the phishing sites.
The right folks that really need to get this information are the consumers. They need to know about possible phishing sites BEFORE they are compromised. The toolbar in IE 7.0 does pinpoint sites using high security SSL certificates, which will put folks on alert if a site is shown as potentially problematic. I'm not sure how getting a list of bad sites from someone like Symantec is going to help unless it drives a desktop web filtering solution that would block bad sites in real time.
It's also not clear to me how this kind of offering helps the banks (or other targeted institutions). One of the most interesting aspects of Cyota/RSA's eFraudNetwork is the established relationships and process to quickly get a phishing site taken down once identified. Also, the ability to uniquely identify a banking website to the consumer is another key requirement to defeat phishing from all sides.
Is Symantec investing in these capabilities? They'll need to if they want to be a player in the anti-phishing space.