Jump to content
Sign in to follow this  

Don't Get Reeled In: Antiphishing Tools

Recommended Posts


Don't Get Reeled In: Antiphishing Tools


We took an informal look at a few utilities that claim to help you tell fake sites from the real deal to see how well they work. None is a panacea, but the tools are a good first step. Note that some online stores and financial services now offer their own tools, as well, such as EBay's Account Guard software on its downloadable toolbar.


CoreStreet SpoofStick: Free toolbar extension to Internet Explorer and Mozilla Firefox browsers.


What it does: This toolbar prominently identifies the URL of the Web site you are visiting. The tool worked well for the suspicious, all-numbers address of the phishing site I tried, but this approach won't be as effective if thieves use a clever URL that closely mimics the legit company's own address. And SpoofStick won't alert you to scams that direct you to a legit site but open a pop-up window to get your data, because pop-ups can't show its toolbar.


EarthLink ScamBlocker: Free toolbar for most browsers.


What it does: ScamBlocker keeps a list of known fraudulent sites and redirects you to an alerts page on EarthLink's servers when you try to access such a site. This was the only tool that identified a known phishing site and prevented my browser from loading it. But its effectiveness depends on a current and complete list.


GeoTrust TrustWatch: Free toolbar for IE 5.x and later.


What it does: This program monitors the sites you visit and rates their safety with a color code: green for safe, yellow for caution, and red for known fraud site. In my trial of a beta version, most sites came up yellow, which quickly desensitized me to the alert, and it failed to catch a known phishing site I visited. Like SpoofStick, this program won't alert you to scams that use pop-ups because pop-ups can't display its toolbar.


WebRoot Phish Net: Free program, compatible with Internet Explorer 5.5 and later.


What it does: You input your sensitive data--including passwords, bank account and Social Security numbers, and user names--and Phish Net encrypts and stores that data on your PC so that it can tell when you're divulging info. It monitors you online, checking for visits to known phishing sites. The tool alerts you when you type in sensitive data at an unknown site or one known to be fraudulent. I looked at a beta version that did not have access to the list of blocked sites, but it still warned me against sending information to the phishing site I visited because the site was not on the Trusted list; you can override this if you know a site is legit.


Tom Spring

Source: pcworld.com

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Create New...