Spam Slayer: New Tools Fight Phishing Scams

Today's Best Tech Deals

Picked by PCWorld's Editors

Top Deals On Great Products

Picked by Techconnect's Editors

Tip of the Month

A quick and easy way for Microsoft Outlook 2003 users to beef up their spam defense is to increase the level of spam detection. To do this, select Tools, Preferences, E-mail, Junk E-mail. Now click High to raise the protection level.

Spam With a Hook

The trend of "anti" tools that combat Internet threats started with antivirus software. The next programs to emerge were antispyware, and then antikeyloggers. Antihijacking tools protect your system from downloads that change your home page to a malicious site. The newest class of "anti" software aims to save you from an epidemic of Internet scammers.

In September, GeoTrust's TrustWatch and Webroot Software's Phish Net join a handful of new antiphishing programs. Already available are EarthLink's ScamBlocker and CoreStreet's SpoofStick. They all aim to shield you from scammers online.

Phishing scams try to con people out of personal information such as credit card numbers and bank security codes. Phishers defraud their victims by setting up Web sites designed to resemble those run by legitimate companies. Then they lure people to those fake sites via e-mail that pretends to be from major e-commerce firms such as Best Buy, EBay, and Citibank. The fake Web sites ask victims to "confirm" personal and account information--and then the phishers them off.

These scams have been around for years, but they're growing in volume. The number of new phishing attacks reported rose by an average of 50 percent each month in the first six months of this year, according to the Anti-Phishing Working Group, which monitors such attacks.

Spam filters sometimes miss phishing lures, primarily because the e-mail from scammers often looks very convincing (as do the counterfeit Web sites they promote).

Nothing Phishy Here

Fortunately, you can fight back against phishers. Being released on September 22 is Phish Net, a free download from Webroot Software that works by guarding your personal information. First, Phish Net collects your personal data--including user names, passwords, bank account information, and even your social security number--then encrypts the information and stores it on your PC. Then, it monitors the Web sites you visit. Lastly, it monitors your keystrokes when you are online.

If you get a fake e-mail from someone who claims to represent your bank and you mistakenly visit the phishing Web site, Phish Net protects you. Once you start typing in your user name, Phish Net delivers an alert message to your desktop warning you that you're sharing sensitive information with an unknown Web site that could be trying to trick you.

Phish Net also relies on a blacklist of known phishing sites that is updated regularly. If you visit one of the blacklisted sites, the software warns you via a pop-up alert. The program also features a feedback option so you can easily report a suspicious site. Webroot representatives emphasize that all your personal data and any information that Phish Net collects never leaves your own hard drive. Phish Net software is compatible with Microsoft Internet Explorer 5.5 and later versions.

Smack Phishers With a Stick

On September 13, GeoTrust announced a free antiphishing toolbar called TrustWatch that works with IE 5.x and later releases.

TrustWatch monitors all the Web sites you visit, in real-time. It rates the sites and displays a green, yellow, or red graphic of a light on its toolbar, connoting the safety level. Green means the site you're visiting is verified as safe. Yellow means the site is unknown to TrustWatch, and it urges you to use caution when providing information. If a red light appears, the site is on a TrustWatch blacklist of phisher sites.

TrustWatch grants sites a green light after verifying whether the site uses Secure Sockets Layer technology. SSL is an Internet protocol used for sharing sensitive information between a user and a Web site. TrustWatch checks whether the SSL certificate is signed by a reputable SSL authority--GeoTrust itself among them.

A yellow light appears when a site lacks a valid SSL certificate or if the site contains key phishing attributes. For example, a site might generate a yellow light if its page prominently displays words like EBay and contains phrases like credit card.

Phisher Blacklists

Both TrustWatch and Phish Net use antiphishing technologies that differ from those used by the earlier CoreStreet and EarthLink tools.

The free ScamBlocker is part of the EarthLink Toolbar. ScamBlocker protects you from scam sites by keeping an updated list of fraudulent sites. When you try to access a fraudulent site, ScamBlocker redirects you to an alerts page on EarthLink's servers.

The weakness in EarthLink's antiphishing approach is that it is only as good as its list of blacklisted sites: You could still fall victim to a scammer. EarthLink says it plans to refresh its blacklist several times daily.

SpoofStick works as an add-on extension to the IE and Mozilla Firefox browsers. The toolbar prominently identifies the site you are visiting. This is helpful if you should fall for scam e-mail from a phisher asking you, for example, to update your EBay account information. When you visit the phisher's fake site, SpoofStick will make sure you can't ignore the fact that the URL is not one of EBay's.

This seems like a good approach, but it doesn't help if the fake site has a clever address that tricks SpoofStick. CoreStreet representatives acknowledge the product's limitations, explaining that the toolbar is intended to keep Web surfers on their toes, but is not an absolute shield.

For my money, Webroot's Phish Net sounds like it would work most effectively of the bunch, assuming you trust Webroot to monitor your keystrokes and store all your personal information on your hard drive. I haven't tested Phish Net yet; when I do, I'll let you know how it goes.


Q. Here is a naive question about spam: Where do I report a message as a spam in my Outlook Express? Is it under Tools?

--Kelly B., via the Internet

A. There are two ways to deal with spam.

One is to handle it yourself, by using the tools inside Outlook Express that block future messages from a particular sender. To do this, select Message, Block Sender. For more advanced ways of blocking spam, select Message, Create Rule For Message. Here you can block e-mail based on particular characteristics, such as specific words, domains, and sender's e-mail address.

The second way is to report spam to the Federal Trade Commission.

Note: When you purchase something after clicking links in our articles, we may earn a small commission. Read our affiliate link policy for more details.
Shop Tech Products at Amazon