Anti-phishing software explained

Anti-phishing software consists of computer programs that attempt to identify phishing content contained in websites, e-mail, or other forms used to accessing data (usually from the internet)[1] and block the content, usually with a warning to the user (and often an option to view the content regardless). It is often integrated with web browsers and email clients as a toolbar that displays the real domain name for the website the viewer is visiting, in an attempt to prevent fraudulent websites from masquerading as other legitimate websites.

Most popular web browsers comes with built-in anti-phishing and anti-malware protection services, but almost none of the alternate web browsers have such protections.[2]

Password managers can also be used to help defend against phishing, as can some mutual authentication techniques.

Types of anti-phishing software

Email security

According to Gartner, "email security refers collectively to the prediction, prevention, detection and response framework used to provide attack protection and access protection for email." Email security solution may be : Email security spans gateways, email systems, user behavior, content security, and various supporting processes, services and adjacent security architecture.[3]

Security awareness computer-based training

According to Gartner, security awareness training includes one or more of the following capabilities: Ready-to-use training and educational content, Employee testing and knowledge checks, Availability in multiple languages, Phishing and other social engineering attack simulations, Platform and awareness analytics to help measure the efficacy of the awareness program.[4]

Client-based anti-phishing programs

Service-based anti-phishing

Anti-phishing effectiveness

An independent study [12] conducted by Carnegie Mellon University CyLab titled "Phinding Phish: An Evaluation of Anti-Phishing Toolbars" and released November 13, 2006 tested the ability of ten anti-phishing solutions to block or warn about known phishing sites and not block or warn about legitimate sites (not exhibit false-positives), as well as the usability of each solution. Of the solutions tested, Netcraft Toolbar, EarthLink ScamBlocker and SpoofGuard were able to correctly identify over 75% of the sites tested, with Netcraft Toolbar receiving the highest score without incorrectly identifying legitimate sites as phishing. Severe problems were, however, discovered using SpoofGuard, and it incorrectly identified 38% of the tested legitimate sites as phishing, leading to the conclusion that "such inaccuracies might nullify the benefits SpoofGuard offers in identifying phishing sites." Google Safe Browsing (which has since been built into Firefox) and Internet Explorer both performed well, but when testing the ability to detect fresh phishes Netcraft Toolbar scored as high as 96%, while Google Safe Browsing scored as low as 0%. The testing was performed using phishing data obtained from Anti-Phishing Working Group, PhishTank, and an unnamed email filtering vendor.

Another study,[13] conducted by SmartWare for Mozilla and released November 14, 2006, concluded that the anti-phishing filter in Firefox was more effective than Internet Explorer by over 10%. The results of this study have been questioned by critics,[14] noting that the testing data was sourced from PhishTank, which itself is an anti-phishing provider. The study only compared Internet Explorer and Firefox, leaving out (among others) Netcraft Toolbar and the Opera browser, both of which use data from PhishTank in their anti-phishing solutions. This has led to speculations that, with the limited testing data, both Opera and Netcraft Toolbar would have got a perfect score had they been part of the study.[15]

While these two reports were released only one day apart, Asa Dotzler, Director of Community Development at Mozilla, has responded to the criticism of the Mozilla-commissioned report by saying, "so you're agreeing that the most recent legitimate data puts Firefox ahead. Good enough for me."[16]

Since these studies were conducted, both Microsoft and Opera Software have started licensing Netcraft's anti-phishing data, bringing the effectiveness of their browser's built-in anti-phishing on par with Netcraft Toolbar.[17]

See also

Notes and References

  1. Chanti. S.. Chithralekha. T.. 2020-01-01. Classification of Anti-phishing Solutions. SN Computer Science. en. 1. 1. 11. 10.1007/s42979-019-0011-2. 2662-995X. free.
  2. Web site: Aleksandersen. Daniel. Most of the alternate web browsers don't have fraud and malware protection. Slight Future. 16 August 2016. 25 August 2016.
  3. Web site: Gartner Inc. . Best Email Security Reviews 2023 Gartner Peer Insights . 2023-07-18 . Gartner.
  4. Web site: Gartner Inc. . Best Security Awareness Training Software Reviews 2023 Gartner Peer Insights . 2023-07-18 . Gartner.
  5. Web site: EarthLink ScamBlocker. EarthLink. 2006-09-01.
  6. Web site: eBay Toolbar. eBay. 2007-03-15.
  7. https://www.egress.com/products/email-security/defend Egress Defend
  8. Web site: GeoTrust TrustWatch. GeoTrust. 2010-11-02.
  9. Web site: Kaspersky Internet Security. Kaspersky. 2021-01-15.
  10. Web site: Kaspersky Anti-Virus. Kaspersky. 2021-01-15.
  11. Web site: McAfee SiteAdvisor. McAfee. 2022-05-20.
  12. Web site: Phinding Phish: An Evaluation of Anti-Phishing Toolbars . 2008-05-25 . https://web.archive.org/web/20100610061901/http://www.cylab.cmu.edu/files/pdfs/tech_reports/cmucylab06018.pdf . 2010-06-10 . dead .
  13. Web site: Firefox 2 Phishing Protection Effectiveness Testing. 2008-05-25 .
  14. Web site: Comment to Asa Dotzler blog post "safari unsafe? paypal thinks so." . 2008-05-25 . https://web.archive.org/web/20080505063110/http://weblogs.mozillazine.org/asa/archives/2008/02/safari_unsafe_p.html . 5 May 2008 . dead .
  15. Web site: Comment to Asa Dotzler blog post "safari unsafe? paypal thinks so." . 2008-05-25 . https://web.archive.org/web/20080505063110/http://weblogs.mozillazine.org/asa/archives/2008/02/safari_unsafe_p.html . 5 May 2008 . dead .
  16. Web site: Comment to Asa Dotzler blog post "safari unsafe? paypal thinks so." . 2008-05-25 . https://web.archive.org/web/20080505063110/http://weblogs.mozillazine.org/asa/archives/2008/02/safari_unsafe_p.html . 5 May 2008 . dead .
  17. Web site: Khan . Khalid . March 21, 2024 . Comparison of Anti Phishing Tools . August 11, 2024 . kth.diva-portal.org.
  18. Schneier. Bruce. Kingdom Authentication. CSO Magazine. Feb 2006. 52.