zvelo’s Newly Enhanced Phishing Website, Attack Detection System
With the increasing complexity of threats appearing on the Internet, coupled with the rapid development of security products designed to mitigate them, the number of phishing-based attacks have grown. In the first half of 2011 and compared to the second half of 2010, the Anti-Phishing Working Group (APWG) reported a 62% increase in unique phishing attacks worldwide in 200 top-level domains (TLDs).1 This trend warrants swift action to address the growing threat.
This alarming jolt in phishing attempts may be attributed to the fact that controls such as anti-virus software and intrusion detection mechanisms don’t effectively mitigate these threats. Unlike other popular attack vectors such as malware, phishing requires little technological capital and typically does not interact with the victim's device in such a way so as to draw suspicion from anti-malware solutions. The controls that do exist, mainly in the form of blacklists of known phishing sites, do not provide end users with adequate real-time protection. These blacklist controls typically depend upon end users to voluntarily submit suspected phishing sites and often delay blacklisting of submitted sites while manual vetting of the phishing designation is performed.
To combat phishing attacks, zvelo has enhanced its Angler℠ system – an automated, phishing detection system that protects end users in real-time against phishing attacks. The Angler phishing detection system analyzes well known and often targeted sites such as PayPal, Facebook and eBay. These popular websites are among the most commonly phished sites due to the enormous amount of personal and financial information they collect from their user communities.2
Angler identifies phishing web pages using a highly sophisticated process. For instance, Angler scans all web pages using proprietary technologies to determine whether or not the URLs stylistically resemble PayPal, Facebook, eBay and other popular portals. In addition, suspect web pages’ characteristics are analyzed for fraudulent or malicious attributes, such as extremely long URLs, the number of external links, and many others.
Phishing attacks will continue to rise and end users deserve real-time protection from phishing and other malicious websites. zvelo’s enhanced Angler phishing detection system, coupled with other cutting-edge malicious website detection capabilities, are steps in the right direction within the information security industry.
Phishing website examples as detected by zvelo:
Image 1: eBay phishing website example that resembles the actual eBay login page
Image 2: PayPal phishing website example
Image 3: PayPal phishing alert example that mixes German and English languages
Image 4: Pharmaceutical phishing website example
View a PDF of this article by clicking here: zvelo’s Newly Enhanced Phishing Website, Attack Detection System
- APWG. (November, 2011). Global Phishing Survey: Trends and Domain Name Use in 1H2011. APWG.org. Retrieved January 12, 2012 from http://www.apwg.org/reports/APWG_GlobalPhishingSurvey_1H2011.pdf.
- OpenDNS. (2011). OpenDNS® 2010 Report - Web Content Filtering and Phishing. OpenDNS.com. Retrieved January 12, 2012 from http://www.opendns.com/pdf/opendns-report-2010.pdf.