Phishing—the term for scams that gather personal information from fake websites—has become a serious problem, with the number of phishing web sites increasing by 65 percent in December 2005 alone, largely due to the increased use of do-it-yourself “phishing kits.” To combat this problem, many software providers have started to bundle antiphishing technology into their products. Thunderbird was the first, with Firefox and Internet Explorer 7 (beta) following soon afterwards. Now, Symantec has joined the phray by announcing their own standalone antiphishing tool, called Norton Confidential.
Norton Confidential will warn users of any web browser or e-mail program when they are about to visit a suspected phishing site, and also adds a background encryption layer for the user’s web-based passwords. It uses a combination of known “block lists” and heuristic analysis to warn against or block out phishing sites.
Phishing is a phenomenon that grew out of AOL instant messenger scams and was first identified by the hacker magazine 2600. As such, it is somewhat incongruous to hear newscasters on CNN using the term, yet the fact that serious elder statesmen are now using L33T-speak simply proves that the Internet, once merely a home for nerds, has moved completely into the mainstream.
Most phishing scams now involve e-mail, where the scammer sends off an urgent message warning that the user’s bank account (or more frequently these days, PayPal account) will be suspended unless said person reenters their account information. A link is provided, which leads not to the web site named in the message, but to a poor copy (sometimes with spelling errors) hosted on the phisher’s own site, often using a raw IP address to hide the fact that the URL is not correct. My personal favorites are the ones declaring that I have received an e-card from “a family member!” Gosh! And I hadn’t heard from “a family member” for months!
All jokes aside, Symantec claims that “the majority of today’s existing antiphishing solutions rely solely on block lists to identify known fraud sites.” However, this isn’t really an accurate description of the current state of antiphishing technology. Many applications, such as Thunderbird and Microsoft’s Hotmail, use simple heuristics to identify, for example, if an e-mail claims to be linking to a certain URL but actually links to something else.
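To make that heuristic concrete, here is a small Python check, added as an illustration and not taken from Thunderbird, Hotmail or Norton Confidential. It flags links whose visible text names one host while the `href` points to another, and links whose target is a raw IP address; the function names and the sample message are constructed for this example.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit
import ipaddress
import re

# Visible text counts as "claiming a URL" only if it looks like a host name or URL.
URL_LIKE = re.compile(r"^(?:https?://)?(?:[a-z0-9-]+\.)+[a-z]{2,}(?:[/:?#]\S*)?$", re.I)

def host_of(url):
    """Lower-cased host of a URL, tolerating a missing scheme."""
    return (urlsplit(url if "://" in url else "http://" + url).hostname or "").lower()

def is_raw_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

class LinkAuditor(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings = []                    # (href, visible text, reason)
        self._href, self._text = None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag != "a" or self._href is None:
            return
        href, text, self._href = self._href, "".join(self._text).strip(), None
        target = host_of(href)
        if is_raw_ip(target):
            self.findings.append((href, text, "raw-ip-host"))
        # Simplification: exact host comparison, so bank.example and
        # www.bank.example would be reported as different hosts.
        if URL_LIKE.match(text) and host_of(text) != target:
            self.findings.append((href, text, "text-href-mismatch"))

def audit(html):
    auditor = LinkAuditor()
    auditor.feed(html)
    auditor.close()
    return auditor.findings

# Constructed sample message body (reserved .example names and a TEST-NET address).
SAMPLE = ('<a href="http://192.0.2.10/paypal/login">https://www.paypal.example/</a> '
          '<a href="https://www.bank.example/help">www.bank.example</a> '
          '<a href="http://cards.example.net/view">View your e-card</a>')
```

Only the first link in the sample is reported, once for each reason; the e-card link passes because its visible text makes no claim about where it leads, which is why checks like this are paired with block lists.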
So is Norton Confidential a necessary product, or just a case of a company phishing for more profits? Symantec calls their new product a “comprehensive online transaction security solution” and presses the need for increased confidence in online commerce. Their new product may interface with the rumored Symantec single sign-on authentication service for increased security. Other major software firms, such as Microsoft, have warned against the dangers of eroding public confidence in Internet transactions. Whether Symantec’s solution will help allay public concerns remains to be seen, but in the meantime, keep practicing skeptical computing.
Norton Confidential is in beta testing now for Windows XP, with the beta period set to expire on October 14, 2006. A Macintosh version is also planned. Pricing details have not yet been announced.