Re: Anti-Phishing with digital watermarking

["Razi Shaban" <razishaban () gmail com>]

On Fri, Sep 26, 2008 at 4:03 PM, Alcides <alcides.hercules () gmail com> wrote:
> Hi All,
>
> Recently came across some interesting text while reading about anti-phishing
> techniques, that can be implemented server-side.
> -----------------<snip>------------------------------------
> If we insert something like obfuscated java-script in the original website
> [which alerts us when run under any URL other than the authentic]
> we can get alerted against these attacks.
> -----------------<snip>------------------------------------
>
> Wish to know more on the subjects. May be few sample codes. Googled around
> quite a lot but it looks tough to find anything closer to practical
> possibilities.
> Any help, links, pointers including free/ commercial options all welcome.
>
> Thanks a lot.
>
> Cheers!


Simply POST the current URL ( window.location ) to a file on your
webserver that stores these in a database if it is not one of the
expected values (the if/else happens client-side in the obfuscated
javascript, not serverside) . This will, however, probably lead to a
significant overhead... However, if preventing phishing is important
to you then I guess you might want to implement it.

This is probably the clunkiest method available, but it's the best I
can think of off the top of my head :)

Hope it helps.

--
Razi Shaban