Security Basics mailing list archives
Re: Anti-Phishing with digital watermarking
From: "Razi Shaban" <razishaban () gmail com>
Date: Sat, 27 Sep 2008 00:03:30 +0400
On Fri, Sep 26, 2008 at 4:03 PM, Alcides <alcides.hercules () gmail com> wrote:
Hi All, Recently came across some interesting text while reading about anti-phishing techniques, that can be implemented server-side. -----------------<snip>------------------------------------ If we insert something like obfuscated java-script in the original website [which alerts us when run under any URL other than the authentic] we can get alerted against these attacks. -----------------<snip>------------------------------------ Wish to know more on the subjects. May be few sample codes. Googled around quite a lot but it looks tough to find anything closer to practical possibilities. Any help, links, pointers including free/ commercial options all welcome. Thanks a lot. Cheers!
Simply POST the current URL ( window.location ) to a file on your webserver that stores these in a database if it is not one of the expected values (the if/else happens client-side in the obfuscated javascript, not serverside) . This will, however, probably lead to a significant overhead... However, if preventing phishing is important to you then I guess you might want to implement it. This is probably the clunkiest method available, but it's the best I can think of off the top of my head :) Hope it helps. -- Razi Shaban
Current thread:
- Anti-Phishing with digital watermarking Alcides (Sep 26)
- RE: Anti-Phishing with digital watermarking Matt Flynn (Sep 26)
- Re: Anti-Phishing with digital watermarking Razi Shaban (Sep 26)
- Re: Anti-Phishing with digital watermarking Ron (Sep 26)
- Re: Anti-Phishing with digital watermarking Umil (Sep 26)
- RE: Anti-Phishing with digital watermarking Matt Flynn (Sep 26)
- Re: Anti-Phishing with digital watermarking Razi Shaban (Sep 26)
- RE: Anti-Phishing with digital watermarking Matt Flynn (Sep 26)
- Re: Anti-Phishing with digital watermarking Razi Shaban (Sep 29)
- Re: Anti-Phishing with digital watermarking Ansgar Wiechers (Sep 29)
- Re: Anti-Phishing with digital watermarking Razi Shaban (Sep 30)
- Re: Anti-Phishing with digital watermarking Ansgar Wiechers (Sep 30)
- Re: Anti-Phishing with digital watermarking Ryan Greenier (Sep 30)
- Re: Anti-Phishing with digital watermarking Ansgar Wiechers (Sep 30)
- Re: Anti-Phishing with digital watermarking Razi Shaban (Sep 30)