Phishing detection

Discussion in 'NOD32 version 2 Forum' started by Gizmo, Aug 1, 2006.

Thread Status:
Not open for further replies.
  1. Gizmo

    Gizmo Registered Member

    Joined:
    Apr 23, 2003
    Posts:
    34
    Hi,
    Just wondering if there was a change before some time in NOD32 phishing detection ?
    I have seen quite low detection rates of some phishing .
    Also on http://www.virus-radar.com there is quite negligible
    detection rates.(used to be quite high)
     
  2. ASpace

    ASpace Guest


    Report any suspected sites to samples@eset.com
    with links to the page or attached html file
     
  3. NOD32 user

    NOD32 user Registered Member

    Joined:
    Jan 23, 2005
    Posts:
    1,766
    Location:
    Australia
    Yes, definately include the original email or it's source code.

    Cheers :)
     
    Last edited: Aug 1, 2006
  4. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,032
    Location:
    California
    Hello,

    The actual volume of phishes seems to be decreasing.

    Perhaps ISPs and financial institutions are responding more quickly to phishes than before?

    Regards,

    Aryeh Goretsky
     
  5. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    NOD32 has good results on phishing detection and nice to hear this kind of attacks decreased.
     
  6. ASpace

    ASpace Guest


    Thank you Aryeh for comfirming ! :)
     
  7. SoCalReviews

    SoCalReviews Registered Member

    Joined:
    Apr 14, 2006
    Posts:
    282
    Location:
    Los Angeles, CA
    Maybe we could have a pole for this but I think the phishing attacks have decreased since most people have changed their global hooks which has also improved worm blocking.


    ....just kidding :D
     
  8. NOD32 user

    NOD32 user Registered Member

    Joined:
    Jan 23, 2005
    Posts:
    1,766
    Location:
    Australia
    ROFL :D
    You do get a lot less phish if you have less worms though.:ninja::blink::ninja:

    Cheers :)
     
  9. SoCalReviews

    SoCalReviews Registered Member

    Joined:
    Apr 14, 2006
    Posts:
    282
    Location:
    Los Angeles, CA
    Good point! I believe that is true! o_O

    Hehehe!!!
     
  10. Gizmo

    Gizmo Registered Member

    Joined:
    Apr 23, 2003
    Posts:
    34
    Am I the only one who see low phishing detection ?

    Isn't here some other server/site admins who see
    that for example some other antivirus detects more phishing that NOD, please ?

    For example CLAM-AV antivirus adds a lot of phishing samples
    in every day. Look at http://lurker.clamav.net/list/clamav-virusdb.html
    Someone other may post his statistics of Clam-AV latest detections from some email server.
    I think it will be interesting :)

    I don't know how really dangerous and working are they.
    But my NOD32 does not detect any of about 270 email's with phishing in last 4 days.
    The ClamAV free antivirus detects it.

    Also just look at www.virus-radar.com history and imagine that phishing detection was top 1
    on the first months of this year. Now it detects nearly 0 samples per day
    on a hight traffic Czech mailserver.
    Do you belive that phishing dissapeared completly ?

    I don't mind about Nod detection.
    BTW I think those phishing is usualy for organisations (banks)
    that uses no one im my country.
    If ESET thinks that they do best for users and those samples are not important (or adding is somehow problematic) then it is OK.
    I have no problem with it.
    But it looks kind of strange to me that detection was very high and now it looks to me that it isn't.
     
  11. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    I don't feel that detection of phising emails should have higher priority than trojans, backdoors, worms, dialers and other stuff actually endangering our clients. What's more, you'd probably find out that lots of links in undetected phising emails do not actually work.
     
Thread Status:
Not open for further replies.