Opera Takes On Phishers With Latest Browser Release
Dec 20, 2006 4:00 AM PT
Opera's moves against phishing come as hackers continue to refine their attacks on PCs, largely succeeding at avoiding most, if not all, efforts to thwart them, iDefense Rapid Response Team Director Ken Dunham told LinuxInsider.
"I applaud any effort [to address phishing], and some are more effective than others, [but] the bad guys are implementing countermeasures today for every single one of those," Dunham said.
As an increasing number of Internet users shop online, phishers -- thieves who dupe users into performing transactions or sharing information with phony but legitimate-looking Web sites -- are taking advantage of the higher volume of potential targets, according to Opera CEO Jon von Tetzchner.
"Cybercriminals are very active during the holiday season, as more people venture online to shop or connect with friends and family," he said.
Opera, which said its new fraud-protection feature augments its browser's previous anti-phishing measures, joins Microsoft and Mozilla in focusing much of its browser-security efforts on avoiding phishing attacks.
Speed Is Key
Opera's anti-phishing partner PhishTank reported that during November 2006, there were nearly 10,000 unique phishing attacks, which lead to the theft of credit card numbers, bank account details and other sensitive information.
As most phishing sites are quickly taken down or moved by attackers, the only way to address the threat is through real-time protection, the company said.
"The key to an effective phishing defense is speed and responsiveness," noted BT Counterpane CTO and security expert Bruce Schneier, an Opera user. He praised the browser for the "nearly immediate" identification of suspected phishing sites as he surfed the Web.
However, he questioned the effectiveness of blacklisting -- the blocking of certain sites by the browser -- including real-time blacklisting.
Training for Phishing
The cybercriminals' use of hijacked domains can result in false positives, and the movement of attack sites diminishes the effectiveness of blacklisting, Dunham explained. In addition, sophisticated phishing attacks can involve the use of thousands of IP addresses over a 24- to 48-hour attack.
"The blacklisting will help with the script kiddies, but the more sophisticated enterprises have countermeasures in place," he said. He predicts more attacks and more countermeasures throughout 2007.
Users and organizations cannot rely on technology alone to combat phishing, Dunham stressed. "The reality is, if you want to make sure you are well-defended, you need training, too."