Anti-phishing software
Encyclopedia
Anti-phishing software consists of computer program
s that attempt to identify phishing
content contained in website
s and e-mail
. It is often integrated with web browser
s and email clients as a toolbar that displays the real domain name for the website the viewer is visiting, in an attempt to prevent fraudulent websites from masquerading as other legitimate web sites. Anti-phishing functionality may also be included as a built-in capability of some web browsers.
Password manager
s can also be used to help defend against phishing.
and titled "Gone Phishing: Evaluating Anti-Phishing Tools for Windows", concluded that Internet Explorer
and Netcraft
Toolbar were the most effective anti-phishing tools.
A later independent study, conducted by Carnegie Mellon University
CyLab titled "Phinding Phish: An Evaluation of Anti-Phishing Toolbars", released November 13, 2006, tested the ability of ten anti-phishing solutions to block known or warn about phishing sites, not block or warn about legitimate sites, as well as usability testing of each solution. Of the solutions tested, Netcraft
Toolbar, EarthLink
ScamBlocker and SpoofGuard were able to correctly identify over 75% of the sites tested, with Netcraft
Toolbar receiving the highest score, without incorrectly identifying legitimate sites as phishing. Severe problems were however discovered using SpoofGuard, and it incorrectly identified 38% of the tested legitimate sites as phishing, leading to the conclusion that "It would seem that such inaccuracies might nullify the benefits SpoofGuard offers in identifying phishing sites.".
Google
Safe Browsing (which has since been built into Firefox) and Internet Explorer
both performed well, but when testing ability to detect fresh phishes Netcraft
Toolbar scored as high 96%, while Google
Safe Browsing scored as low as 0%, possibly due to technical problems with Google
Safe Browsing.
The testing was performed using phishing data obtained from Anti-Phishing Working Group
, PhishTank
and an unnamed email filtering vendor.
The latest study, conducted by SmartWare for Mozilla
, released November 14, 2006, concluded that the anti-phishing filter in Firefox was more effective than Internet Explorer
by more than 10%. The results of this study have been questioned by critics, criticising that the testing data was sourced exclusively from PhishTank
, itself an anti-phishing provider. The study only compared Internet Explorer
and Firefox, and left out among others Netcraft
Toolbar and the Opera
browser, both of which use data from PhishTank
in their anti-phishing solutions. This has led to speculations that, with the limited testing data, both Opera
and Netcraft
Toolbar would have gotten a perfect score had they been part of the study.
While the two later reports were released only one day apart, Asa Dotzler
, Director of Community Development at Mozilla
, has responded to the criticism of the Mozilla-commissioned report by saying "..so you're agreeing that the most recent legitimate data puts Firefox ahead. Good enough for me."
Since these studies were conducted, both Microsoft
and Opera Software
have started licensing Netcraft
's anti-phishing data, bringing the effectiveness of their browser's built-in anti-phishing on par with Netcraft
Toolbar and beyond.
Computer program
A computer program is a sequence of instructions written to perform a specified task with a computer. A computer requires programs to function, typically executing the program's instructions in a central processor. The program has an executable form that the computer can use directly to execute...
s that attempt to identify phishing
Phishing
Phishing is a way of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT...
content contained in website
Website
A website, also written as Web site, web site, or simply site, is a collection of related web pages containing images, videos or other digital assets. A website is hosted on at least one web server, accessible via a network such as the Internet or a private local area network through an Internet...
s and e-mail
E-mail
Electronic mail, commonly known as email or e-mail, is a method of exchanging digital messages from an author to one or more recipients. Modern email operates across the Internet or other computer networks. Some early email systems required that the author and the recipient both be online at the...
. It is often integrated with web browser
Web browser
A web browser is a software application for retrieving, presenting, and traversing information resources on the World Wide Web. An information resource is identified by a Uniform Resource Identifier and may be a web page, image, video, or other piece of content...
s and email clients as a toolbar that displays the real domain name for the website the viewer is visiting, in an attempt to prevent fraudulent websites from masquerading as other legitimate web sites. Anti-phishing functionality may also be included as a built-in capability of some web browsers.
Password manager
Password manager
A password manager is software that helps a user organize passwords and PIN codes. The software typically has a local database or a file that holds the encrypted password data for secure logon onto computers, networks, web sites and application data files. Many password managers also work as a form...
s can also be used to help defend against phishing.
Client-based anti-phishing programs
- Avira Premium Security Suite -
- EarthlinkEarthLinkEarthLink , is an Internet service provider headquartered in Atlanta, Georgia, USA. It claims 1.94 million subscribers.- Business :EarthLink provides a variety of Internet connection types, including dial-up, DSL, satellite, and cable. Both dial-up and high speed Internet access are available...
ScamBlocker (discontinued) - eBayEBayeBay Inc. is an American internet consumer-to-consumer corporation that manages eBay.com, an online auction and shopping website in which people and businesses buy and sell a broad variety of goods and services worldwide...
Toolbar - ESET Smart Security
- Firefox 6.0.10
- Google Chrome 13.0.7Google ChromeGoogle Chrome is a web browser developed by Google that uses the WebKit layout engine. It was first released as a beta version for Microsoft Windows on September 2, 2008, and the public stable release was on December 11, 2008. The name is derived from the graphical user interface frame, or...
- GeoTrustGeoTrustGeoTrust is a large digital certificate provider.GeoTrust was a restarted company in 2001 that acquired the security business of Equifax. The Equifax business was the basis of its fast growth. The founders of the restarted company were CEO Neal Creighton, CTO Chris Bailey and Principal Engineer...
TrustWatch - GoogleGoogleGoogle Inc. is an American multinational public corporation invested in Internet search, cloud computing, and advertising technologies. Google hosts and develops a number of Internet-based services and products, and generates profit primarily from advertising through its AdWords program...
Safe Browsing (usable with Firefox) - Windows Internet Explorer 8Internet ExplorerWindows Internet Explorer is a series of graphical web browsers developed by Microsoft and included as part of the Microsoft Windows line of operating systems, starting in 1995. It was first released as part of the add-on package Plus! for Windows 95 that year...
- Kaspersky Internet SecurityKaspersky Internet SecurityKaspersky Internet Security or KIS is an Internet security suite developed by Kaspersky Lab compatible with Microsoft Windows. KIS supports the detection and remidition of malware, as well as e-mail spam, phishing attempts, and data leaks....
- McAfeeMcAfeeMcAfee, Inc. is a computer security company headquartered in Santa Clara, California, USA. It markets software and services to home users, businesses and the public sector. On August 19, 2010, electronics company Intel agreed to purchase McAfee for $7.68 billion...
SiteAdvisor - Mozilla ThunderbirdMozilla ThunderbirdMozilla Thunderbird is a free, open source, cross-platform e-mail and news client developed by the Mozilla Foundation. The project strategy is modeled after Mozilla Firefox, a project aimed at creating a web browser...
- e-mail client which warns users of e-mails which may be part of an e-mail scam. - NetcraftNetcraftNetcraft is an Internet services company based in Bath, England.Netcraft provides web server and web hosting market-share analysis, including web server and operating system detection...
Toolbar - NetscapeNetscapeNetscape Communications is a US computer services company, best known for Netscape Navigator, its web browser. When it was an independent company, its headquarters were in Mountain View, California...
8.1 - Norton 360Norton 360Norton 360, developed by Symantec, is marketed as an "all-in-one" computer security suite. The package includes an antivirus, a personal firewall, a phishing protection program and a backup program...
- Norton Internet SecurityNorton Internet SecurityNorton Internet Security, developed by Symantec Corporation, provides malware prevention and removal during subscription period and uses signatures and heuristics to identify viruses. Other features include a software firewall, e-mail spam filtering, and phishing protection.Symantec distributes...
- OperaOpera (web browser)Opera is a web browser and Internet suite developed by Opera Software with over 200 million users worldwide. The browser handles common Internet-related tasks such as displaying web sites, sending and receiving e-mail messages, managing contacts, chatting on IRC, downloading files via BitTorrent,...
9.2 - PhishtankPhishTankPhishTank is an anti-phishing site.PhishTank was launched in October 2006 by entrepreneur David Ulevitch as an offshoot of OpenDNS. The company offers a community-based phish verification system where users submit suspected phishes and other users "vote" if it is a phish or not.PhishTank is used...
SiteChecker - PineAppPineAppPineApp is a privately held IT security company that provides email security, email archiving and web filtering for organizations and enterprises. The products are provided as appliances or software, as well as Software as a Service and cloud service platforms...
Mail-SeCure - SafariSafari (web browser)Safari is a web browser developed by Apple Inc. and included with the Mac OS X and iOS operating systems. First released as a public beta on January 7, 2003 on the company's Mac OS X operating system, it became Apple's default browser beginning with Mac OS X v10.3 "Panther". Safari is also the...
3.2 - Windows MailWindows MailWindows Mail is an email and newsgroup client included in Windows Vista, that was superseded by Windows Live Mail. It is the successor to Outlook Express. Microsoft previewed Windows Mail on Channel 9 on October 10, 2005....
, an e-mail client that comes with Windows VistaWindows VistaWindows Vista is an operating system released in several variations developed by Microsoft for use on personal computers, including home and business desktops, laptops, tablet PCs, and media center PCs...
Anti-phishing effectiveness
A study conducted by 3Sharp released on September 27, 2006 tested the ability of eight anti-phishing solutions to block known phishing sites, warn about phishing sites, and allow good sites. The study, which was commissioned by MicrosoftMicrosoft
Microsoft Corporation is an American public multinational corporation headquartered in Redmond, Washington, USA that develops, manufactures, licenses, and supports a wide range of products and services predominantly related to computing through its various product divisions...
and titled "Gone Phishing: Evaluating Anti-Phishing Tools for Windows", concluded that Internet Explorer
Internet Explorer 7
Windows Internet Explorer 7 is a web browser released by Microsoft in October 2006. Internet Explorer 7 is part of a long line of versions of Internet Explorer and was the first major update to the browser in more than 5 years...
and Netcraft
Netcraft
Netcraft is an Internet services company based in Bath, England.Netcraft provides web server and web hosting market-share analysis, including web server and operating system detection...
Toolbar were the most effective anti-phishing tools.
A later independent study, conducted by Carnegie Mellon University
Carnegie Mellon University
Carnegie Mellon University is a private research university in Pittsburgh, Pennsylvania, United States....
CyLab titled "Phinding Phish: An Evaluation of Anti-Phishing Toolbars", released November 13, 2006, tested the ability of ten anti-phishing solutions to block known or warn about phishing sites, not block or warn about legitimate sites, as well as usability testing of each solution. Of the solutions tested, Netcraft
Netcraft
Netcraft is an Internet services company based in Bath, England.Netcraft provides web server and web hosting market-share analysis, including web server and operating system detection...
Toolbar, EarthLink
EarthLink
EarthLink , is an Internet service provider headquartered in Atlanta, Georgia, USA. It claims 1.94 million subscribers.- Business :EarthLink provides a variety of Internet connection types, including dial-up, DSL, satellite, and cable. Both dial-up and high speed Internet access are available...
ScamBlocker and SpoofGuard were able to correctly identify over 75% of the sites tested, with Netcraft
Netcraft
Netcraft is an Internet services company based in Bath, England.Netcraft provides web server and web hosting market-share analysis, including web server and operating system detection...
Toolbar receiving the highest score, without incorrectly identifying legitimate sites as phishing. Severe problems were however discovered using SpoofGuard, and it incorrectly identified 38% of the tested legitimate sites as phishing, leading to the conclusion that "It would seem that such inaccuracies might nullify the benefits SpoofGuard offers in identifying phishing sites.".
Google
Google Inc. is an American multinational public corporation invested in Internet search, cloud computing, and advertising technologies. Google hosts and develops a number of Internet-based services and products, and generates profit primarily from advertising through its AdWords program...
Safe Browsing (which has since been built into Firefox) and Internet Explorer
Internet Explorer 7
Windows Internet Explorer 7 is a web browser released by Microsoft in October 2006. Internet Explorer 7 is part of a long line of versions of Internet Explorer and was the first major update to the browser in more than 5 years...
both performed well, but when testing ability to detect fresh phishes Netcraft
Netcraft
Netcraft is an Internet services company based in Bath, England.Netcraft provides web server and web hosting market-share analysis, including web server and operating system detection...
Toolbar scored as high 96%, while Google
Google
Google Inc. is an American multinational public corporation invested in Internet search, cloud computing, and advertising technologies. Google hosts and develops a number of Internet-based services and products, and generates profit primarily from advertising through its AdWords program...
Safe Browsing scored as low as 0%, possibly due to technical problems with Google
Google
Google Inc. is an American multinational public corporation invested in Internet search, cloud computing, and advertising technologies. Google hosts and develops a number of Internet-based services and products, and generates profit primarily from advertising through its AdWords program...
Safe Browsing.
The testing was performed using phishing data obtained from Anti-Phishing Working Group
Anti-Phishing Working Group
The Anti-Phishing Working Group is an international consortium that brings together businesses affected by phishing attacks, security products and services companies, law enforcement agencies, government agencies, trade association, regional international treaty organizations and communications...
, PhishTank
PhishTank
PhishTank is an anti-phishing site.PhishTank was launched in October 2006 by entrepreneur David Ulevitch as an offshoot of OpenDNS. The company offers a community-based phish verification system where users submit suspected phishes and other users "vote" if it is a phish or not.PhishTank is used...
and an unnamed email filtering vendor.
The latest study, conducted by SmartWare for Mozilla
Mozilla
Mozilla is a term used in a number of ways in relation to the Mozilla.org project and the Mozilla Foundation, their defunct commercial predecessor Netscape Communications Corporation, and their related application software....
, released November 14, 2006, concluded that the anti-phishing filter in Firefox was more effective than Internet Explorer
Internet Explorer 7
Windows Internet Explorer 7 is a web browser released by Microsoft in October 2006. Internet Explorer 7 is part of a long line of versions of Internet Explorer and was the first major update to the browser in more than 5 years...
by more than 10%. The results of this study have been questioned by critics, criticising that the testing data was sourced exclusively from PhishTank
PhishTank
PhishTank is an anti-phishing site.PhishTank was launched in October 2006 by entrepreneur David Ulevitch as an offshoot of OpenDNS. The company offers a community-based phish verification system where users submit suspected phishes and other users "vote" if it is a phish or not.PhishTank is used...
, itself an anti-phishing provider. The study only compared Internet Explorer
Internet Explorer 7
Windows Internet Explorer 7 is a web browser released by Microsoft in October 2006. Internet Explorer 7 is part of a long line of versions of Internet Explorer and was the first major update to the browser in more than 5 years...
and Firefox, and left out among others Netcraft
Netcraft
Netcraft is an Internet services company based in Bath, England.Netcraft provides web server and web hosting market-share analysis, including web server and operating system detection...
Toolbar and the Opera
Opera (web browser)
Opera is a web browser and Internet suite developed by Opera Software with over 200 million users worldwide. The browser handles common Internet-related tasks such as displaying web sites, sending and receiving e-mail messages, managing contacts, chatting on IRC, downloading files via BitTorrent,...
browser, both of which use data from PhishTank
PhishTank
PhishTank is an anti-phishing site.PhishTank was launched in October 2006 by entrepreneur David Ulevitch as an offshoot of OpenDNS. The company offers a community-based phish verification system where users submit suspected phishes and other users "vote" if it is a phish or not.PhishTank is used...
in their anti-phishing solutions. This has led to speculations that, with the limited testing data, both Opera
Opera (web browser)
Opera is a web browser and Internet suite developed by Opera Software with over 200 million users worldwide. The browser handles common Internet-related tasks such as displaying web sites, sending and receiving e-mail messages, managing contacts, chatting on IRC, downloading files via BitTorrent,...
and Netcraft
Netcraft
Netcraft is an Internet services company based in Bath, England.Netcraft provides web server and web hosting market-share analysis, including web server and operating system detection...
Toolbar would have gotten a perfect score had they been part of the study.
While the two later reports were released only one day apart, Asa Dotzler
Asa Dotzler
Asa Dotzler is an American software developer best known for his work as community coordinator for several Mozilla projects. He was founder of Mozilla's Quality Assurance and Testing Program, which grew under his leadership from just a few contributors when Dotzler joined the project to tens of...
, Director of Community Development at Mozilla
Mozilla
Mozilla is a term used in a number of ways in relation to the Mozilla.org project and the Mozilla Foundation, their defunct commercial predecessor Netscape Communications Corporation, and their related application software....
, has responded to the criticism of the Mozilla-commissioned report by saying "..so you're agreeing that the most recent legitimate data puts Firefox ahead. Good enough for me."
Since these studies were conducted, both Microsoft
Microsoft
Microsoft Corporation is an American public multinational corporation headquartered in Redmond, Washington, USA that develops, manufactures, licenses, and supports a wide range of products and services predominantly related to computing through its various product divisions...
and Opera Software
Opera Software
Opera Software ASA is a Norwegian software company, primarily known for its Opera family of web browsers with over 220 million users worldwide. Opera Software is also involved in promoting Web standards through participation in the W3C. The company has its headquarters in Oslo, Norway and is...
have started licensing Netcraft
Netcraft
Netcraft is an Internet services company based in Bath, England.Netcraft provides web server and web hosting market-share analysis, including web server and operating system detection...
's anti-phishing data, bringing the effectiveness of their browser's built-in anti-phishing on par with Netcraft
Netcraft
Netcraft is an Internet services company based in Bath, England.Netcraft provides web server and web hosting market-share analysis, including web server and operating system detection...
Toolbar and beyond.