In association with heise online

08 January 2007, 16:54

Hunting down phishing sites

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The most effective way of fighting phishing websites is to find and block them before a link to the site gets sent to potential victims via mass e-mailings. One way of finding phishing websites is to use the Mark Alert service from Domain Tools, which tells users when a domain which infringes their trademarks is registered with a registrar. This can, however, be used for more than just preventing trademark infringements - it can also be used to find websites which conceal nefarious purposes.

The manufacturer of F-Secure anti-virus software recently used Mark Alert to find a not yet activated, but already available phishing server and tried to remove it from the web. It is not unusual for, say, phishing websites posing as banks to include the name of the bank, whose customers they are trying to fleece, in their URL, in this case it was 0nline-bankofamerica.

If an organisation is able to receive alerts of all domain name registrations which include their trademarks in a URL, it becomes easy to recognise at an early stage if such sites are intent on fraud and to inform the provider or host, in order to remove the site from the web.

image 1 [391 x 196 Pixel @ 13,6 KB]
Mark Alert will send the user an alert if any matches are found between new domain name registrations and a string entered via its front end.

The service is free for the first alert for one monitored text string. Thereafter it costs 15 dollars for 10 alerts per month. Mark Alert can also be configured so that the user is alerted about variants of the text string in a domain name. Attempts to conceal "postbank" as "postbonk" will be found through the two text strings "post" and "nk".

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit