It may have an odd name, but phishing is one of the fastest growing security threats on the internet.
According to the Anti-Phishing Working Group, an industry trade group dedicated to combating the epidemic, phishing attacks have increased fourfold in the past 12 months (www.antiphishing.org).
The most common phishing attempts involve e-mail spam that appears to come from a trusted brand name such as a bank. This e-mail usually urges recipients to click on an embedded link that takes them to a fraudulent website where they are duped into entering personal, financial and other confidential information.
In July alone, the group received 14,135 phishing reports involving 71 brands, of which 86 per cent were financial institutions.
Personally, I receive phishing "bait" -- usually a bogus link contained in a fake but official-looking e-mail -- about once a week.
Given their growing sophistication, I decided it was time to take a closer look at some of the tools that can help internet users avoid the phishing nets.
The most common anti-phishing software defence is the browser toolbar. Over the past three months or so I have tested several, most of which are designed to work with Microsoft's Internet Explorer browser.
The leaders include Cloudmark's AntiFraud Toolbar (www.cloudmark.com), Comodo's TrustToolbar (www.comodogroup.com) and Netcraft's toolbar (toolbar. netcraft.com).
All are free, easy to install and use but each works differently. Cloudmark's toolbar relies on a black list of sites it warns you not to visit, while Comodo uses a white list approach, notifying you that the site you are visiting is safe.
Launched earlier this year, the Cloudmark toolbar is still officially a "beta" or trial version. It works with Microsoft Internet Explorer to stop users from visiting known phishing or questionable site. The rating system is based on feedback from the 1.3m-plus users of Cloudmark's $40-a-year SafetyBar service for Microsoft Outlook and Outlook Express users.
The downside to relying on community feedback is that a new site may slip through the net. That said, the toolbar generally did a good job of warning me about dubious sites.
Like Cloudmark, UK-based Netcraft's toolbar is based on a community model -- effectively a giant web neighbourhood watch scheme that enables the first recipients of a phishing e-mail to help protect subsequent recipients. It works with my favourite web browser, Mozilla's Firefox, as well as Internet Explorer. The toolbar also traps suspicious web addresses and clearly displays sites' hosting location, helping you to evaluate fraudulent web addresses -- the real citibank.com or barclays.co.uk sites are unlikely to be hosted in the former Soviet Union.
Comodo's TrustToolbar, another free Internet Explorer plug-in, is based on a different model, relying on a "white list" of 20m-plus approved sites put together by IdAuthority, an affiliate company.
The TrustToolbar looks up the web address of any site you visit and matches it against the approved list. When the toolbar recognises a site, it displays the name of the company that owns the domain. While this should guarantee that most phishing sites are caught, it also means that personal websites and other less well established sites could show up as unregistered.
Of the three, my favourite is the Netcraft toolbar. However, Microsoft recently released a test version of an anti-phishing toolbar that could prove the most effective, though for the moment it is only available in the US.
Microsoft's Phishing Filter is actually an add-in to the MSN search toolbar and relies on a combination of technologies including personal white lists, a black list system run by Microsoft and so-called heuristic technology that spots characteristics common to phishing sites.
The filter, which requires Internet Explorer 6, is designed to block users from entering personal data if the site is classified as fraudulent and provides warnings if it contains characteristics common to a phishing website.
Among other software programs designed to help protect internet users from phishing is Phishing.net's $40 Clear Search Anti-Phishing package.
Clear Search looks for sites that deliver pop-ups completely unrelated to the web page they are on, sites that request account information but that are not protected by Secure Socket Layer (SLL) encryption, e-mail messages containing a link that does not match the URL associated with it and a web address that is "spoofed" using techniques that include placement of odd characters in the website address.
While the software performed reasonably well during my trial, it did not spot some of the fraudulent eBay phishing e-mails I have been sent.
Most of the existing anti-phishing tools are reactive. A new service launched recently by California-based start-up lconix (www.iconix.com) takes a different approach,
Its "visual identity for e-mail" service is primarily designed to help companies protect their brands but also to make it easier for consumers to spot e-mail phishing attempts.
It comprises two parts, eMail ID, a free software download for users that plugs in to their e-mail software, and Truemark, a fee-based registry service for companies that builds on existing authentication standards, including Microsoft's Sender ID and Yahoo's DomainKeys.
When an e-mail lands in a user's inbox protected by eMail ID, the lconix service authenticates the message -- checks that the sender is who they claim to be, and then, provided the e-mail is legitimate, displays the sender's Truemark.
Senders pay a fraction of a cent each time the logo is shown, and more each time a logo-enhanced e-mail is opened. The user can see at a glance which e-mails come from legitimate senders and which do not.
Iconix has also built in a couple of nice touches to the service. When a user moves the mouse over a company logo, a certificate is displayed that verifies the sender of the e-mail.
For individual users, lconix allows friends and family to create their own buddy icons, so incoming e-mails feature their icon next to their names.
There is one drawback. The eMail ID plug-in is initially only available for Yahoo mail. Iconix is promising to make plug-ins available quickly for most PC, Mac and web-based e-mail services. But until then its appeal is limited.