Anti-Phishing question

hi all

I'm doing some research into Phishing and methods of prevention/protection and I'm wondering if anyone know of ways to defend ones self from these sorts of attacks

I know that most modern browsers like firefox/opera already come with this protection built in and its simply a case of making sure its switched on but what about other mediums ?

or does one only require Anti-Phishing software to be installed to there browser ?

 

The phishing protection built into those browsers is generally good enough, however, you can always try an alternative DNS service such as OpenDNS. It not only provides protection from phishing but also can filter out content, protect from DNS-related attacks, and so forth, and is also extremely easy to set up and use.

Your best weapon against phishing is always going to be yourself. Instead of clicking on website links you want to visit and know the web address of, simply type in the URL yourself carefully and phishing attack chances will be non-existent provided you don't have a compromised browser (which is an entirely different topic). Though I used to be one of them myself, I believe we have far too many people using 3rd party security software to do the job our own built in security software can handle just fine...our own brain.

 

hi

generally I would agree but I'm thinking for browsers and the like that don't have any anti-phishing mechanisms built in like IE for example

just wanted to make a small update to my web site regarding this while I was in the process of updating and making revisions

as I haven't done any work on my site for quite some time its been pulled but I would like to get it back up at some point once I'm finished updating and checking all my links and making sure the information is still valid

 

Well one other method I failed to mention is phishing protection built in to some security suites from the likes of Norton, Kaspersky, and others. However, those may require the use of "standard" browsers such as IE, Firefox and Opera in order to work. Chrome likely uses Google's own phishing filters, but outside of those 4 browsers, I honestly don't know what is available besides the use of OpenDNS or other DNS alternatives like it.

 

Anti-phishing software, in my opinion, is a marketing thing, people are crazy to buy this kind of software and have it spend their CPU cycles. Every good browser these days has anti-phishing so browser+openDNS=gold. Nothing more needed.

 

anti-phishing soft that is integrated in web browsers is good sometimes but for a better protection is good to use an antivirus solution

 

Please feel free to prove that instead of just making that claim and stating it as fact, which is utter rubbish.

 

OpenDNS & WOT are my protection from entering "dodgy" websites, phishing, etc.

WOT - simple traffic light visual grading of sites to warn you before you even enter by mistake. If you ignore the red danger grading you receive a second warning asking if you really want to continue to a potential dangerous website.

OpenDNS uses Phishtank's information to block websites. Phishtank operates much the same as community offerings like WOT. It's obviously not the total solution. But for a free no resource hassle it's well worth having. There is a list of organizations using phistank's blocking information, some browsers, AV companies, seems like a no brainer to use OpenDNS rather than use AV, Firewall or browser based anti phishing measures, especially if they are going to slightly increase resources usage.