Full Disclosure mailing list archives
Re: Google's blacklisted url database (phishing url database)
From: "Am Razak" <pinangs () gmail com>
Date: Thu, 4 Jan 2007 16:56:31 +0800
Sent to the wrong place.... sorry. On 1/4/07, Am Razak <pinangs () gmail com> wrote:
Checked Google page it says that entire URL will be transmitted to Google. If the site authentication is posted on the URL, it will be captured by google. GOOGLE SAYS...... 12. What information is sent to Google when I enable the Enhanced Protection Feature? When enabled, the entire URL of the site that you're visiting will be securely transmitted to Google for evaluation. In addition, a very condensed version of the page's content may be sent to compare similarities between authentic and forged pages. For example, if the condensed 'fingerprint' of the page you are visiting matches the 'fingerprint' of a popular bank's site but the page's URL is different, that's a good sign that the page you are on is designed to mislead users. If you disable Enhanced Protection, no information about the pages you visit will be sent to Google unless you visit a page Google Safe Browsing identifies as potentially unsafe. In this case, we will only send the action you choose to take to help refine our anti-phishing algorithms. Please note that enabling Enhanced Protection gives the Google Safe Browsing extension access to the most up-to-date fraud information about each page you visit. Please see our Privacy Notices<http://www.google.com/tools/firefox/extensions_privacy.html>for privacy information regarding Google Safe Browsing On 1/4/07, Nick FitzGerald <nick () virus-l demon co uk> wrote: > > Stan Bubrouski wrote: > > > You're forgetting that gmail has a feature to report phishing > > messages, that alone could give google quite a list of phishing sites > > given its userbase. > > _And_ the "Report Web Forgery..." option in Firefox' Help menu also > reports the suspect URL to Google at: > > http://www.google.com/safebrowsing/report_phish/ > > > Regards, > > Nick FitzGerald > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Google’s blacklisted url database (phishing url database) Rajesh Sethumadhavan (Jan 02)
- Re: [Full-disclosure] Google’s blacklisted url database (phishing url database) JM (Jan 02)
- Re: Google's blacklisted url database (phishing url database) php0t (Jan 02)
- Message not available
- Re: Google's blacklisted url database (phishing url database) moniker monikerd (Jan 02)
- Re: Google's blacklisted url database (phishing url database) Rajesh Sethumadhavan (Jan 03)
- Re: Google's blacklisted url database (phishing url database) Stan Bubrouski (Jan 03)
- Re: Google's blacklisted url database (phishing url database) Nick FitzGerald (Jan 03)
- Message not available
- Re: Google's blacklisted url database (phishing url database) Am Razak (Jan 04)
- Re: Google's blacklisted url database (phishing url database) Ronald MacDonald (Jan 04)
- Re: Google's blacklisted url database (phishing url database) php0t (Jan 02)
- Re: [Full-disclosure] Google’s blacklisted url database (phishing url database) JM (Jan 02)
- Re: Google's blacklisted url database (phishing url database) Raymond Dijkxhoorn (Jan 03)
- Re: Google's blacklisted url database (phishing url database) Steve Clement (Jan 03)
- Re: Google's blacklisted url database (phishing url database) Valdis . Kletnieks (Jan 03)