Reel ’em in

Security firms have launched two new websites in a bid to help global users report and avoid phishing attacks.

  • E-Mail
By  Cleona Godinho Published  March 29, 2006

Security firms have launched two new websites in a bid to help global users report and avoid phishing attacks. The first site, The Phishing Incident Reporting and Termination Squad (PIRT) is a volunteer effort designed to shut down phishing scams. The PIRT site (at http://castlecops.com/pirt) is currently searching for volunteers to help report new phishing scams and get in-touch with authorities to have these sites shut down. In order to submit phishing reports users have to either employ the site’s new Fried Phish tool or forward the suspected phishing e-mail to pirt@castlecops.com. “It's the first public takedown community we know of, and we hope to start nailing these sites,” stated the site’s founders, on Techtree.com. PIRT is currently run by US-based anti-spyware vendors Sunbelt Software and Computer Cops. The second website, supported by security vendor CipherTrust, is a free online notification service whereby companies can register their websites and then be informed when CipherTrust's radars detect that legitimate web pages are being spoofed. According to Paul Judge - the firm’s chief technology officer (CTO) - Phishregistry.org will use the same ‘Phisherprinting’ algorithms used by the company's CipherTrust Radar service to determine whether a site is being spoofed. He reckons this approach will allow a larger number of companies to benefit from this kind of monitoring. These two new websites signify a growing movement to fight against phishers, who send unsolicited e-mails directing users to copycat websites, with the aim of tricking them into releasing sensitive information such as credit card and bank account information. Last week, Microsoft pledged to file 100 lawsuits against phishers in Europe and in this region. Online efforts such as the Anti-Phishing Working Group (Antiphishing.org) and Digital PhishNet (Digitalphishnet.org) have already been set-up to combat this growing problem. Just last week, the director of Microsoft's EMEA Windows Client Group, Michael Hartmann, explained to Windows how the next version of its Internet Explorer browser will try and tackle phishing - by encouraging users to report their site-related findings. “What’s typical with phishing sites is that they use a numeric IP-based web address and then the name of whatever institution of bank you have," Hartmann explained. “So people think, “Yes, this looks like my bank”, and then they enter their details. With Vista the user gets warned. The OS says, ‘This is a suspicious website, take care’. The user can then report to Microsoft whether or not it’s a phishing website, and we’ll then check that. If we find it is a phishing site, when users visit it they’ll see a red text warning that says ‘Don’t go there’. To visit the site, you’ll need to confirm that’s what you want.”

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code