Phishing detection

Hi,
Just wondering if there was a change before some time in NOD32 phishing detection ?
I have seen quite low detection rates of some phishing .
Also on http://www.virus-radar.com there is quite negligible
detection rates.(used to be quite high)

 

Report any suspected sites to samples@eset.com
with links to the page or attached html file

 

Yes, definately include the original email or it's source code.

Cheers

 

Hello,

The actual volume of phishes seems to be decreasing.

Perhaps ISPs and financial institutions are responding more quickly to phishes than before?

Regards,

Aryeh Goretsky

 

NOD32 has good results on phishing detection and nice to hear this kind of attacks decreased.

 

Thank you Aryeh for comfirming !

 

Maybe we could have a pole for this but I think the phishing attacks have decreased since most people have changed their global hooks which has also improved worm blocking.


....just kidding

 

ROFL
You do get a lot less phish if you have less worms though.

Cheers

 

Good point! I believe that is true!

Hehehe!!!

 

Am I the only one who see low phishing detection ?

Isn't here some other server/site admins who see
that for example some other antivirus detects more phishing that NOD, please ?

For example CLAM-AV antivirus adds a lot of phishing samples
in every day. Look at http://lurker.clamav.net/list/clamav-virusdb.html
Someone other may post his statistics of Clam-AV latest detections from some email server.
I think it will be interesting

I don't know how really dangerous and working are they.
But my NOD32 does not detect any of about 270 email's with phishing in last 4 days.
The ClamAV free antivirus detects it.

Also just look at www.virus-radar.com history and imagine that phishing detection was top 1
on the first months of this year. Now it detects nearly 0 samples per day
on a hight traffic Czech mailserver.
Do you belive that phishing dissapeared completly ?

I don't mind about Nod detection.
BTW I think those phishing is usualy for organisations (banks)
that uses no one im my country.
If ESET thinks that they do best for users and those samples are not important (or adding is somehow problematic) then it is OK.
I have no problem with it.
But it looks kind of strange to me that detection was very high and now it looks to me that it isn't.

 

I don't feel that detection of phising emails should have higher priority than trojans, backdoors, worms, dialers and other stuff actually endangering our clients. What's more, you'd probably find out that lots of links in undetected phising emails do not actually work.