WholeSecurity has developed software that, when integrated into a browser plug-in such as eBay’s Account Guard toolbar, can calculate the probability that a URL leads to a phishing site and then block it.
Vice-president of corporate marketing, JT Keating, said the software uses a combination of spotting the technological tricks phishers use to make their sites look like famous brands, and leveraging knowledge of the specific site.
It could, for example, spot a URL that has been deliberately obfuscated to hide the real domain or IP address. It could also spot that the IP address does not match the known address range of the purported branded site.
It only looks for phishers spoofing WholeSecurity’s clients, but each implementation will protect against the whole client base. So if, for example, Citibank became a client, eBay’s toolbar would protect users against Citibank scams.
The model we’re pursuing is that everybody protects everybody, Keating said. Online sites have been hammered by these phishing attacks. Their users are starting to question every electronic communication they get.
Other customers for the WholeSecurity system have not been named, although there are evidently a few. Keating said that instances of false positives were, in testing, largely limited to authentic sites that had not been communicated to eBay’s security people.
