zveloBLOG™ - alerts, discussions, studies, articles, white papers about the latest malware, spam, phishing scams, and other Web threats researched or detected by zveloLABS™.

zveloBLOG

  • Home
    Home This is where you can find all the blog posts throughout the site.
  • Categories
    Categories Displays a list of categories from this blog.
  • Tags
    Tags Displays a list of tags that has been used in the blog.
  • Bloggers
    Bloggers Search for your favorite blogger from this site.
Posted by on in Phishing
  • Font size: Larger Smaller
  • Hits: 22236
  • 0 Comments

zvelo’s Newly Enhanced Phishing Website, Attack Detection System

With the increasing complexity of threats appearing on the Internet, coupled with the rapid development of security products designed to mitigate them, the number of phishing-based attacks have grown. In the first half of 2011 and compared to the second half of 2010, the Anti-Phishing Working Group (APWG) reported a 62% increase in unique phishing attacks worldwide in 200 top-level domains (TLDs).1 This trend warrants swift action to address the growing threat.

 

This alarming jolt in phishing attempts may be attributed to the fact that controls such as anti-virus software and intrusion detection mechanisms don’t effectively mitigate these threats. Unlike other popular attack vectors such as malware, phishing requires little technological capital and typically does not interact with the victim's device in such a way so as to draw suspicion from anti-malware solutions. The controls that do exist, mainly in the form of blacklists of known phishing sites, do not provide end users with adequate real-time protection. These blacklist controls typically depend upon end users to voluntarily submit suspected phishing sites and often delay blacklisting of submitted sites while manual vetting of the phishing designation is performed.

 

To combat phishing attacks, zvelo has enhanced its Angler℠ system – an automated, phishing detection system that protects end users in real-time against phishing attacks. The Angler phishing detection system analyzes well known and often targeted sites such as PayPal, Facebook and eBay. These popular websites are among the most commonly phished sites due to the enormous amount of personal and financial information they collect from their user communities.2

 

Angler identifies phishing web pages using a highly sophisticated process. For instance, Angler scans all web pages using proprietary technologies to determine whether or not the URLs stylistically resemble PayPal, Facebook, eBay and other popular portals. In addition, suspect web pages’ characteristics are analyzed for fraudulent or malicious attributes, such as extremely long URLs, the number of external links, and many others.

 

Phishing attacks will continue to rise and end users deserve real-time protection from phishing and other malicious websites. zvelo’s enhanced Angler phishing detection system, coupled with other cutting-edge malicious website detection capabilities, are steps in the right direction within the information security industry.

 

Phishing website examples as detected by zvelo:

 

eBay phishing website URL example as detected by zvelo
Image 1: eBay phishing website example that resembles the actual eBay login page

 

PayPal phishing website URL example as detected by zvelo
Image 2: PayPal phishing website example

 

PayPal phishing website URL, alert example as detected by zvelo
Image 3: PayPal phishing alert example that mixes German and English languages

 

Pharmaceutical, Fraud phishing website URL example as detected by zvelo
Image 4: Pharmaceutical phishing website example

 

View a PDF of this article by clicking here: zvelo’s Newly Enhanced Phishing Website, Attack Detection System

 

References:


  1. APWG. (November, 2011). Global Phishing Survey: Trends and Domain Name Use in 1H2011. APWG.org. Retrieved January 12, 2012 from http://www.apwg.org/reports/APWG_GlobalPhishingSurvey_1H2011.pdf.

  2. OpenDNS. (2011). OpenDNS® 2010 Report - Web Content Filtering and Phishing. OpenDNS.com. Retrieved January 12, 2012 from http://www.opendns.com/pdf/opendns-report-2010.pdf.

 

Rate this blog entry:
0
Trackback URL for this blog entry.
  • Justin Bieber

    Posted by Kardashian on 24 Aug 2012
    Kardashian ...
  • department of education

    Posted by education in america on 23 Aug 2012
    dept of education ...
  • college search

    Posted by college search on 22 Aug 2012
    online college ...
  • home based business

    Posted by business listings on 21 Aug 2012
    new business ...
  • education research

    Posted by education definition on 20 Aug 2012
    primary education ...
  • Flex mini

    Posted by Flex mini on 17 Aug 2012
    I have been reading in a class and we are looking at this subject in the next week. I will be assign my student to look at your post for good information. ...
  • Tonette Clyne

    Posted by America Gevorkian on 10 Aug 2012
    Jerry Merck ...

Miguel Alberto Gomez is a contributing writer to zveloBLOG and is an instructor and researcher with the College of Computer Studies at the De La Salle University, Manila, Philippines.

Comments

  • No comments made yet. Be the first to submit a comment

Leave your comment

Guest 16 Apr 2014