Kaspersky Internet Security 2009's anti-phishing engine

Do Kis 2009 analyse web sites(called heuristic anti-phishing?) for anti-phishing or just have a blacklist for anti-phishing?
Are there security suites which has anti-phishing engine which analyse web pages?

 

I don't know about KIS2009, but Norton Internet Security 2009 does have an anti-phishing engine, both with heuristics and blacklisting.

 

Hi Katmai,
From the KIS 2009 helpfile:
"The Anti-Phishing component tracks attempts to open phishing sites and blocks them. The application's threat database lists all sites currently known to be used for phishing. The Kaspersky Lab specialists add addresses obtained from the Anti-Phishing Working Group, which is an international organization. Your local copy of this list is updated by updating the application's databases".

 

So its blacklist-based.. no heuristics. This means its pretty useless.

 

Whats NIS got to do with KIS?

 

kaspersky has heurstic model for web and you can tweak it from the web traffic settings so i think its total for all web threats including Phishing Site

 

Hi Jin K,

Unless I'm missing something, I don't think so. I read through the help again and in all its references to heuristics, it doesn't mention phishing.

 

Here's 2 screenshots of Web Traffic settings. Hopefully I'm missing something.

 

Sorry to keep posting, but the question really got me wondering.
This was asked at the Kaspersky forum http://forum.kaspersky.com/index.php?showtopic=98297&hl=phishing
It only uses a blacklist.

 

In addition to using the Anti-Phishing Working Group for their list of phishing URLs, I believe KL uses the PhishTank database as well.

 

These heuristics you have referred to above have nothing to do with phishing. They are only meant for drive-by downloads.

Phishing is still non-heuristic, black-list based.. USELESS.

 

The topic starter asked:

And I replied.

 

And yet many still use the blacklist approach.

It'd be useful to have some heuristic element as an additional tool, but like with blacklisting etc., they will need to be tweaked and updated every so often in much the same way signatures and other blacklists are.

As is often said, it's a cat and mouse game that's being played all the time.

 

Heruistic analysis and blacklisting is useful; a suite can check exactly where the info is going and compare it to a blacklist and perform it's own heruistic analysis, such as location, and compare it to the trusted and known places.

I simply do not shop online.

 

Thanks for your answers.

Does Nis 2009 really have heuristics for anti-phishing engine?

I had a chat with a Symantec assistant,but i couldn't be sure if it really has or not:~Private chat removed per the TOS. - Ron~

 

~Quoted post removed. - Ron~

Hi Katmai,

Sorry for the confusion. I would like to confirm that the anti-phishing engine in NIS is heuristic as well as blacklist based. There are far too many (billions) web pages out there that are changing too frequently and this makes a blacklist-only approach ineffective.

Thanks,

Shane.