Are there any good ones out there and can anyone give a good recommendation?

-{ Quote: "Are there any good ones out there and can anyone give a good recommendation?" }-
Hi benton4,

I use netcraft on Firefox and IE: http://toolbar.netcraft.com

-- Tom

ScamBlocker.
http://www.earthlink.net/software/free/toolbar/
Easy to use, and doesn't slow anything - System or browsing. It was the first anti-phising protection. Not saying it's the best, but it's free and i've tested it on a few known phishing sites and it worked fine.

But one thing i'd really like to see is an Anti-Phishing application test. Dunno if there has been one, but would be very useful.

muf

Hi, here's another but I have not used it, perhaps someone out there has some experience of it.

http://www.spoofstick.com/

Gordon

Also, check out Fraudeliminator:

http://www.fraudeliminator.com/started.php

I agree with G1111 fraud eliminator is a good one and also IPGuardian http://www.soft-trek.com.au/prjIpGuardian.asp .

Thanks,

Chris

Of those already listed , I STRONGLY suggest the use Of SpoofStick from CoreStreet . Fraud Eliminator is pretty good as well . You want one with a VERY high # of fraudulent sites in their database . Hence , SpoofStick .

Good luck

-{ Quote: "Of those already listed , I STRONGLY suggest the use Of SpoofStick from CoreStreet . Fraud Eliminator is pretty good as well . You want one with a VERY high # of fraudulent sites in their database . Hence , SpoofStick ." }-Uhm, SpoofStick doesn't have a database of sites.. it just tells you what site you're really on so you don't get duped into thinking you're somewhere else. It's a great program, but it doesn't give you any kind of rating like FraudEliminator or NetCraft.

I've used SpoofStick for some time now. I'm checking out FraudEliminator right now (thanks!), and it's looking pretty nice :) I might use both, though, as not depending on a database is a big plus in my book.

-{ Quote: "Are there any good ones out there and can anyone give a good recommendation?" }-
safe computing web site has one it works but slowws your computer::)

IPGuardian will also stores an encrypted database of passwords and logins and when you goto a site that requires this will automatically fill them in to where keyloggers can't detect them. Also shows when you are an actual secure site like banking and such. Hope you don't mind the listing of features.

Oh yea. Also can be run from a usb stick or floppy or whatever.

Thanks,

Chris

Notok . Thanks
I believe you are mistaken . So I am clear about this , database may not be a good choice of words . To me , it is . There are KNOWN sites that link you elsewhere AND there are sites that are detected by their actions . Also known as heuristics . SpoofStick has a high # of knowns . Their database IS up to date and IS large . I do not push any of these on anyone . I personally like Fraud Eliminator AND SpoofStick . I have tried the others and found them to lack the intelligence of the two I like .
Bottom line is , both of those IN MY OPINION , are better than the others mentioned .

Thanks for the information folks. But I have one question. Does anyone actually use both Fraud Eliminator AND SpoofStick together? Cheers Chew

Thanks for all the input. Fraudeliminator caused my FF browser to crash-not sure why. Currently I'm trying the Trustwatch toolbar.Don't notice any slowdowns yet.

For Chew :
Do not know that both will run at the same time . Guess they could . Sorry . I am rambling tonight . I have never run both at the same time .
Good luck . it will be interesting to see if it is done . AND what the consequences may be !

hollywoodpc I am only using SpoofStick at the moment but I am keeping an open mind as to what I can install on Firefox. I guess anything that is listed on Firefox Extension website is rather straightforward and easy to use. Not sure about others though. Chew

-{ Quote: "I believe you are mistaken . So I am clear about this , database may not be a good choice of words . To me , it is . There are KNOWN sites that link you elsewhere AND there are sites that are detected by their actions . Also known as heuristics . SpoofStick has a high # of knowns . Their database IS up to date and IS large . I do not push any of these on anyone . I personally like Fraud Eliminator AND SpoofStick . I have tried the others and found them to lack the intelligence of the two I like .
Bottom line is , both of those IN MY OPINION , are better than the others mentioned ." }-I don't suppose you have any source for that? I'm not seeing anything like that, and I've never seen that kind of behavior with SpoofStick.. it just tells you the actual server that you are visiting, that's pretty much it.

Just a word of warning about FraudEliminator, I went to uninstall it because it wasn't working, when I did it tried to open about 100 IE windows (literally) until it, and other programs, started crashing. Yikes, if that's a bug, it seriously needs fixing. My CPU usage is still at 100% from my security software trying to catch up.

Thanks for the warning Notok. I only install something that will not crash my system. If the program will mess up my system I will not even touch it with a pole coz I just don't want the hassle. I make sure I do some research before I install. SpoofStick is simple and good enough for me so far but I guess it is better than nothing and do not crash my system. Cheers Chew P/s: SpoofStick it is for the moment for me that is.

Hey Notok .
I sent an email to them awhile back . Their response was something to the effect of , because it is connected to the internet , it automatically draws from the database without the need for updates . As for any credible info ? No , I have none to give as it is mute to me anyway . I know what it does and how it does it . I am not trying to make people use the product . It makes no difference to me . I must say that I believe MOST , if not all of these types of programs , have a database . They cannot all simply rely on heuristics . That is an assumption but , it is my guess .
Anyway , good luck on whatever you use . I never had the problem you experienced with FE . But , SpoofStick is excellent , regardless of how you think it works .
Cheers

-{ Quote: "Hey Notok .
I sent an email to them awhile back . Their response was something to the effect of , because it is connected to the internet , it automatically draws from the database without the need for updates . As for any credible info ? No , I have none to give as it is mute to me anyway . I know what it does and how it does it . I am not trying to make people use the product . It makes no difference to me . I must say that I believe MOST , if not all of these types of programs , have a database . They cannot all simply rely on heuristics . That is an assumption but , it is my guess .
Anyway , good luck on whatever you use . I never had the problem you experienced with FE . But , SpoofStick is excellent , regardless of how you think it works .
Cheers" }-At this point I think people will probably just be very confused about how it works, and I don't want people downloading it thinking it will give you an alert if you land on a phishing site, because it won't. From the website:

-{ Quote: "SpoofStick makes it easier to spot a spoofed website by prominently displaying only the most relevant domain information. It's not a comprehensive solution, but it's a good start. For example, if you're on the following URL (this is a real, legitimate ebay url):

http://signin.ebay.com/aw-cgi/eBayISAPI.dll?
SignIn&UsingSSL=0&pUserId=&ru=http%3A%2F%
2Fcontact.ebay.com%2Fws1%2FeBayISAPI.dll%
3FShowCoreAskSellerQuestion%26requested%
3Ddominicsmusic%26de%3Doff%26iid%
3D3711129021%26frm%3D284%26acceptcookie%
3D0%26loginconfirmed%3D0%26redirect%3D0%
26pass%3D%7B_pass_%7D%26userid%3D&pp=p
ass&co_partnerid=2&pageType=711"

Spoofstick will say: "You're on ebay.com".

If you get fooled by going to a spoofed site, for example http://signin.ebay.com@10.19.32.4/ (a "spoof" example used by ebay in their customer outreach),

Spoofstick will say: "You're on 10.19.32.4"" }-
There's no heuristics or database to it, it simply shows you the actual site you're on so that you don't get fooled into thinking you're on eBay (for example) when you're really on a scammers site, even if they've used some vulnerability (like the IDN spoof) to make your browser show ebay.com (when you're really at scammer.com). When what SpoofStick shows is different than what the address bar shows, you know something is "phishy" ;)

I'm not trying to pick on you here, hollywood, but I don't want people here confused, downloading it thinking it's an "intelligent" solution that they don't have to pay attention to until it alerts them, because it doesn't work that way. As with any security software, you have to know it's limits and how it works for it to be effective.

--

It looks like FraudEliminator is a no-go for me, but NetCraft is working beautifully. :)

-{ Quote: "
Just a word of warning about FraudEliminator, I went to uninstall it because it wasn't working, when I did it tried to open about 100 IE windows (literally) until it, and other programs, started crashing. Yikes, if that's a bug, it seriously needs fixing. My CPU usage is still at 100% from my security software trying to catch up." }-

I have had no problems with FraudEliminator so far. I have uninstalled and reinstalled it a few times with no problems. I had Netcraft Toolbar but it would occasionally freeze my system calling home to check for updates. FE calls home for updates and I allow it. I was concerned at first that it is fairly new and might be spyware itself, but it has gotten okay reviews and I haven't found anything bad about it so far. They have a paid version that is suppose to give quicker updates. I found no reason to go with the paid version. I use SpoofStick with Firefox, but can't get it to work with IE6. My experience is that they all can be fooled and you should be alert as they (toolbars) aren't the ultimate solution to anti-phishing, just another tool.

While I agree there are no heuristics or database contained in SpoofStick....there are some warning alerts that will be presented in the case of a URL address spoof.

www.wilderssecurity.com@google.com

Notok,

I emailed you reguarding Fraud Eliminator as to not hijack this thread.

Thanks,

Chris

-{ Quote: "I have had no problems with FraudEliminator so far. I have uninstalled and reinstalled it a few times with no problems. I had Netcraft Toolbar but it would occasionally freeze my system calling home to check for updates. FE calls home for updates and I allow it. I was concerned at first that it is fairly new and might be spyware itself, but it has gotten okay reviews and I haven't found anything bad about it so far. They have a paid version that is suppose to give quicker updates. I found no reason to go with the paid version. I use SpoofStick with Firefox, but can't get it to work with IE6. My experience is that they all can be fooled and you should be alert as they (toolbars) aren't the ultimate solution to anti-phishing, just another tool." }-Just goes to show that things can act differently on different people's computers, I guess :) Just to be clear, I'm not recommending that anyone stay away, but just be aware that things can go wrong. I wouldn't have thought that a browser extension could have done that much! It's all ok now, though. I've just uninstalled the the extension from FF, but will leave it installed on the system.

-{ Quote: "While I agree there are no heuristics or database contained in SpoofStick....there are some warning alerts that will be presented in the case of a URL address spoof.

www.wilderssecurity.com@google.com" }-Nice, hadn't seen that one before.. thanks :)

-{ Quote: "Notok,

I emailed you reguarding Fraud Eliminator as to not hijack this thread.

Thanks,

Chris" }-And replied :)

One to look out for. Deepnet AntiPhishing, Uses behaviour detection only. Coming soon for IE and FF.
http://www.deepnettechnologies.com/products/dap.asp

muf

Firetrust makes one as well..
http://www.firetrust.com/firetrustsitehound.html

Although it's not a toolbar, Online Armor also has some good anti-phishing features, including DNS verification (which I haven't seen elsewhere).

Hi guys, I am thinking of trying one of these toolbars but Do any of them have malware themselves? ie hijacking homepages because I see in scam blockers write up..........
-{ Quote: "Our ScamBlocker tool is available as part of our TotalAccess® 2005 software as well as the EarthLink Toolbar." }- and -{ Quote: "Includes a built-in search box for fast, convenient searching
Includes up-to-the-minute, clickable news headlines in 11 categories " }-
Fraud eliminator or netcraft look promising. Are these free trials or "really free".
thanks Gordon

I can speak for fraud eliminator it is really free but the free version has less features than the paid version. No adware or spyware in either version.

Thanks,

Chris

-{ Quote: "Hi guys, I am thinking of trying one of these toolbars but Do any of them have malware themselves? ie hijacking homepages because I see in scam blockers write up..........
and
Fraud eliminator or netcraft look promising. Are these free trials or "really free".
thanks Gordon" }-


ScamBlocker doesn't have malware. I have Spybot, Spy Sweeper, Ad-Aware, X-Cleaner, Counterspy and none report my Scamblocker toolbar.

M.

-{ Quote: "Fraud eliminator or netcraft look promising. Are these free trials or "really free".
thanks Gordon" }-

Both are free and FE has a paid version also.

Netcraft is a great option. I used to use it extensively. Spoofstick is also neat extension, though in some cases it slows down browsing speed.

Since both are free....just try them out and see what works for you!

Thanks for your input guys. I will trial FE and netcraft and see how they do.
Thanks again, Gordon

Am now trialling FE and so far impressed. Came across another today from Firetrust called SITEHOUND [who do Mailwasher of course.] There is a free and paid version like M'washer.

http://www.firetrust.com/firetrustsitehound.html?newsletter=08
Gordon

Ok I have been trying anti phishing toolbars for a few days now. So for anyone interested here is how I fared..............
Firstly I tried Fraudeliminator [free], Installation was trouble free. It looks good and seemed to work very well, but after a little while I noticed my Browser [I use IE6] started to freeze up on certain web pages. There are also numerous pop-ups asking you to buy and inform your friends and family about the programme. so I uninstalled it............ without any problem.
Then I tried Netcraft, even though I use ADSL, browsing was like being back on dial-up, very slow- and when I clicked on certain links on the Netcraft toolbar to visit their website, my Avast webshield denied access because it said there were dangerous elements on the pages I wanted to view! Hence that one didnt last long.
Then I tried firetrusts Sitehound, which certainly works, but the installation and registration process to retrieve an account seems rather complicated and wieldy. I got an error message 3 times. When finally up and running, there was no slow down in browsing but the GUI toolbar is not very nice. To obtain further info about a website you're visiting means opening another window. I visited some 'dubious' websites to try it out. It did warn me of the risk in entering 'those' sites but the free version [as firetrust do point out] does not inform you what that risk is unless you buy a registration. It maybe just an adult site or maybe some horrific malware waiting for you. So you cannot make an informed decision with the free version. Firetrust dont give you a months free trial either of the full version so you cant evaluate anything, the free version seems un-informative, so that was also uninstalled.
It would appear that MS have also developed an anti phishing toolbar, I believe it will be included in IE7 but a beta version for IE6 with an MSN toolbar can be found here.......but I cannot use it I still have SP1.

-{ Quote: "Microsoft Corp. will soon make available to the general public a tool for warning users about 'phishing' scams that could lead to identity theft. Currently, such a tool comes only with the Internet Explorer 7 browser, which is available in tests only to a select group of developers.
But within a few weeks, Microsoft will incorporate it into a toolbar for older versions of IE. While still officially a test, the anti-phishing tool will be available to anyone running the Windows XP operating system with the Service Pack 2 security upgrade from last summer. The company will eventually make it available to older Windows systems, too." }-
http://addins.msn.com/phishingfilter/

Gordon

Most developers of free software do add in ads and the like. Not much considering your using it for free. FE is a very good program and even moreso after purchase but if you feel it is not for you then that's how you feel.

Since you did not feel comfortable using it you can also try IP Guardian http://www.soft-trek.com.au/prjIpGuardian.asp

I think you will like it but again it is not free but from what I remember there are no ads or the like during the trial.

Thanks,

Chris

Thanks Chris, I will certainly give IPGuardian a whirl in the near future. I have actually done a clean re-install of Fraudeliminator to see If I can solve the issue of the browser freezing up, that was more of a problem to me than the pop-ups, [and I do like the programme.]
I have to say It does seem better this time, I dont know why it was freezing up last time. It seemed to do it when I got the "page cannot be displayed" message, and I had to close the browser and start again. So far [touch wood] it hasnt happened.
cheers Gordon

Please keep me informed so I can let the developer know about these issues. FE is a really good program for what you seem to be looking for. I'm glad you gave it another shot. Again please let me know any other issues you experience.

Thanks,

Chris

I have been using Fraudeliminator for a few months now and it has been working fine.
However, there seems to be a new one on the 'market', which is freeware, anyone tried this yet?............. CALLINGID It's write up is good.

http://callingid.com/CallingIDAndOthers.aspx

Ah now I see, free for 1 year only, as here...........

CallingID
07.29.05 Company: CallingID, www.callingid.com
Price: $39.95 per year, currently offering 1 year free
They dont tell you everything straight away do they?

-{ Quote: "Ah now I see, free for 1 year only, as here...........

CallingID
07.29.05 Company: CallingID, www.callingid.com
Price: $39.95 per year, currently offering 1 year free
They dont tell you everything straight away do they?" }-

I'll have a *really* free toolbar released in early January. Its in final stages of development now, but Christmas and New Year holidays have messed with the schedule a bit.

Mike

Dear Mike , Thanks
I look forward to its release.
Gordon

-{ Quote: "I'll have a *really* free toolbar released in early January. Its in final stages of development now, but Christmas and New Year holidays have messed with the schedule a bit.

Mike" }-
will u also make it as a firefox toolbar/extension?

addition: i tried FraudEliminator but it doesnt seem to work with firefox 1.5. IE toolbar works fine. i also tried the netcraft toolbar and tho it works, its look smushed and short with my SaFire theme. afaik all other toolbars are IE only, so for now im sticking to SpoofStick.

-{ Quote: "will u also make it as a firefox toolbar/extension?" }-

Yep, you can expect that shortly after the release of the IE bar.


Mike

I've only used Netcraft Toolbar (with Firefox 1.0.x and 1.5), but it has never given me a problem. And if it slowed anything down, I couldn't notice it.

But I've been wondering something: Do any of these toolbars also (attempt to) catch sites that are known to distribute malware ... or are they strictly and literally only for phishing sites?

For example, suppose there is some site that doesn't try fooling you with the URL, but does try to exploit a JavaScript bug that unleashes a trojan on your system.

-{ Quote: "Am now trialling FE and so far impressed. Came across another today from Firetrust called SITEHOUND [who do Mailwasher of course.] There is a free and paid version like M'washer.

http://www.firetrust.com/firetrustsitehound.html?newsletter=08
Gordon" }-


I have SiteHound on my IE but don't use IE hardly ever but Sitehound updates quite often and seems to work well.

Dear Nameless, As far as I know they are for phishing sites only. But fraud eliminator does have a popup blocker as well, which can be tailored to your needs. It also warns if the site has been online for 1 year or less or 1 month etc. So can be quite useful. You can also report suspicious sites to the makers, who will, if applicable, add it to their 'latest threat updates', which are automatically updated.
good luck Gordon

-{ Quote: "Do any of these toolbars also (attempt to) catch sites that are known to distribute malware ... or are they strictly and literally only for phishing sites?" }-
To answer my own question, I got a response from Netcraft, saying "Only phishing sites."

It seems, from their description (http://www.firetrust.com/firetrustsitehound.html), that SiteHound covers malware sites and phishing sites. Unfortunately, they don't currently support Firefox, so I can forget that. (I also dislike their "freeware" version pretension.)

me too

Gordon

Hi everyone.

I work at CallingID and I noticed that you've mentioned CallingID toolbar previously in this thread so I wanted to offer to answer any questions you might have.

I'd also like to point out that the quote about CallingID having any type of timed evaluation is FALSE. The toolbar is completely free and only site that displays any kind of price/evaluation period is Download.com (Despite several requests, the have not amended the error). The toolbar is fully functionally on both IE and FX.

If there are any more questions, please ask me.

Thanx.

-{ Quote: "Hi everyone.

I work at CallingID and I noticed that you've mentioned CallingID toolbar previously in this thread so I wanted to offer to answer any questions you might have.

I'd also like to point out that the quote about CallingID having any type of timed evaluation is FALSE. The toolbar is completely free and only site that displays any kind of price/evaluation period is Download.com (Despite several requests, the have not amended the error). The toolbar is fully functionally on both IE and FX.

If there are any more questions, please ask me.

Thanx." }-

I am already using SpoofStick, Google anti-Phishing, and Site Advisor for my Firefox browser....:dry: do you think I still need to install CallingID? ::) ???

Maybe, different anti-phising equipments does its jobs differently and has some kind of differences in detecting fake websites and this has really made me aware of this. But, I hesitates that maybe they'll conflict with some already installed... or they'll just works in harmony? ???

I would like to ask one more question, are CallingID will not slow down my dial-up internet connection? COZ IF IT WILL, then I will not use it...:shifty: :dry:

Hi Sweater, Thanx for your questions.

Different toolbars use different technologies, databases and concepts when detecting phishing sites. CallingID (and our competitors, I'm sure) strive to offer the best possible solution with the fastest, most reliable and informative rating system. If phishing is a major concern to you then using several toolbars to double check each site is probably a good idea. Still, you'd want to use the best toolbars for this and therefore I encourage you to use CallingID.

The CallingID toolbar does not conflict with your other anti-phishing toolbars (it's been tested with ALL the anti-phishing toolbars and dozens of leading non-anti-phishing toolbars as well).

While CallingID and all other site-verification software require extra communication with a server, CallingID transfers only a tiny amount of info per site (and even less if it's a site you've visited before). It will affect you connection, but to such a small degree that you won't even notice it.

Thanx again for your excellent questions, please let me know if you have any more.

CallingID looks good and has no conflicts or whatsoever problems on my pc...but the thing that concerns me most is that it eats up some of my RAM memory. :P

Are there any way or any thing that I can do to lower its memory consumptions? ::) ???

Then, after several minutes RAM consumptions goes up from 7-10 MB. :-[

If this would still insists this way, then, maybe I have no choice but to uninstall it and rely on my other anti-phising tools. :-\ :wacko: :P

Maybe, on your next version upgrade you can fix this thing right away...:ouch: :shifty: coz this tool looks small though very useful and should not have to eat such big in order to function effectively and have it on my browser's pc...:isay: >:( :(

Thanx for your comment Sweater,
We're aware of the RAM consumption and are working to lower it significantly in our future versions.

Please note that since CallingID processes each website you visit, it's RAM consumption rises when you open a very large number of Internet Explorer windows or numerous tabs in Firefox.

If you're computer is low on RAM or if RAM Consuption is a major issue for you, I can contact you once CallingID's RAM consumption level is lower.

Thanx,
Matan Arie

Thanks also....;)

I hope, it will improve in the next version...especially the RAM memory consumption thing...:blink: :dry:

Visiting fake websites is also one of the most dangerours thing in the net, and your program I think helps a lot in determining if it's real or not..:)