zvelo Newly Enhanced Phishing Website, Attack Detection System
The recent alarming jolt in phishing attempts may be attributed to the fact that controls such as anti-virus software and intrusion detection mechanisms don’t effectively mitigate these threats. Unlike other popular attack vectors such as malware, phishing requires little technological capital and typically does not interact with the victim’s device in such a way so as to draw suspicion from anti-malware solutions. The controls that do exist, mainly in the form of blacklists of known phishing sites, do not provide end users with adequate real-time protection. These blacklist controls typically depend upon end users to voluntarily submit suspected phishing sites and often delay blacklisting of submitted sites while manual vetting of the phishing designation is performed.
To combat phishing attacks, zvelo has enhanced its Angler℠ system – an automated, phishing detection system that protects end users in real-time against phishing attacks. The Angler phishing detection system analyzes well known and often targeted sites such as PayPal, Facebook and eBay. These popular websites are among the most commonly phished sites due to the enormous amount of personal and financial information they collect from their user communities.
Angler identifies phishing web pages using a highly sophisticated process. For instance, Angler scans all web pages using proprietary technologies to determine whether or not the URLs stylistically resemble PayPal, Facebook, eBay and other popular portals. In addition, suspect web pages’ characteristics are analyzed for fraudulent or malicious attributes, such as extremely long URLs, the number of external links, and many others.
Phishing attacks will continue to rise and end users deserve real-time protection from phishing and other malicious websites. zvelo’s enhanced Angler phishing detection system, coupled with other cutting-edge malicious website detection capabilities, are steps in the right direction within the information security industry.
Phishing website examples as detected by zvelo:
Image 1: eBay phishing website example that resembles the actual eBay login page
Image 2: PayPal phishing website example
Image 3: PayPal phishing alert example that mixes German and English languages
Image 4: Pharmaceutical phishing website example
References
1) APWG. (November, 2011). Global Phishing Survey: Trends and Domain Name Use in 1H2011. APWG.org. Retrieved January 12, 2012 from http://www.apwg.org/reports/APWG_GlobalPhishingSurvey_1H2011.pdf.
2) OpenDNS. (2011). OpenDNS® 2010 Report – Web Content Filtering and Phishing. OpenDNS.com. Retrieved January 12, 2012 from http://www.opendns.com/pdf/opendns-report-2010.pdf.
