Antiphishing softwarePhishing is a criminal activity using social engineering techniques. Phishers attempt to fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. EBay and PayPal are two of the most targeted companies, and online banks are also common targets. Phishing is typically carried out using email or an instant message, and often directs users to a website, although phone contact has been used as well. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, and technical measures.
User training can help stop Phishing. Users can take steps to avoid phishing attempts by slightly modifying their browsing habits. Users who are contacted about an account needing to be "verified" (or any other topic used by phishers) can contact the company that is the subject of the email to check that the email is legitimate, or can type in a trusted web address for the company's website into the address bar of their browser to bypass the link in the suspected phishing message
How to choose the best Antiphishing program?Have it as a part of your browser application.
Anti-phishing measures have been implemented as features embedded in browsers, as extensions or toolbars for browsers, and as part of website login procedures. The following are some of the main approaches to the problem.Since phishing is based on impersonation, preventing it depends on users having some reliable way to identify the sites they are dealing with. For example, some anti-phishing toolbars display the real domain name for the visited website. The petname extension for Firefox lets users type in their own labels for websites, so they can later recognize when they are back at the correct site. If the site is a suspect, the software may either warn the user or block the site outright.
Browser alerts when entering fraudulent websites.
Another popular approach to fighting phishing is to maintain a list of known phishing sites and to check websites against the list. Microsoft's browser above version IE7, Mozilla Firefox above version 2.0, and Opera all contain this type of anti-phishing measure. Firefox uses Google anti-phishing software, which may also be installed under IE6. Opera, above version, 9.1 uses live blacklists from PhishTank and GeoTrust, as well as live white lists from GeoTrust. Note that some implementations of this approach send the visited URLs to a central service to be checked, which has raised concerns about compromising the user's privacy.
Use an application that supports Security skins.
This is a related technique that involves overlaying a user-selected image across the login form as a visual cue that the form is legitimate. However, unlike the website-based image schemes, this image is shared between the user and the browser, not between the user and the website. The scheme also relies on a mutual authentication protocol, which makes it less vulnerable to attacks that user-only authentication schemes are vulnerable to.
Eliminate phishing mail through anti-spam application.
Because phishing mostly comes from email messages, a good anti-spam application can filter these emails with integrated anti-phishing filter.
Take home advice:
The best advice for consumers is to avoid responding to or clicking on links in emails that appear to come from eBay, PayPal, or a bank or credit card company. Contact the company directly via its website or phone number.