Security Basics mailing list archives
Re: Anti-Phishing with digital watermarking
From: Thrynn <thrynn404 () gmail com>
Date: Mon, 29 Sep 2008 11:01:10 -0400
I have a working implementation of this that you can try. You insert the javascript in you page (very similar to the google analytics code). If an attacker makes a copy of your site and then tests their copy, an alert is generated. This let's you see a phishing attack before it happens. We also do referer whitelisting, to catch those pesky redirects. Finally, we are able to profile each web user on the site and alert when someone does something abnormal in their interaction with the site. It's only a side project, so let me know if you want to know more. On Fri, Sep 26, 2008 at 8:03 AM, Alcides <alcides.hercules () gmail com> wrote:
Hi All, Recently came across some interesting text while reading about anti-phishing techniques, that can be implemented server-side. -----------------<snip>------------------------------------ If we insert something like obfuscated java-script in the original website [which alerts us when run under any URL other than the authentic] we can get alerted against these attacks. -----------------<snip>------------------------------------ Wish to know more on the subjects. May be few sample codes. Googled around quite a lot but it looks tough to find anything closer to practical possibilities. Any help, links, pointers including free/ commercial options all welcome. Thanks a lot. Cheers!
Current thread:
- Re: Anti-Phishing with digital watermarking, (continued)
- Re: Anti-Phishing with digital watermarking Razi Shaban (Sep 26)
- Re: Anti-Phishing with digital watermarking Ansgar Wiechers (Sep 29)
- Re: Anti-Phishing with digital watermarking Razi Shaban (Sep 29)
- Re: Anti-Phishing with digital watermarking Ansgar Wiechers (Sep 29)
- Re: Anti-Phishing with digital watermarking Razi Shaban (Sep 30)
- Re: Anti-Phishing with digital watermarking Ansgar Wiechers (Sep 30)
- Re: Anti-Phishing with digital watermarking Ryan Greenier (Sep 30)
- Re: Anti-Phishing with digital watermarking Ansgar Wiechers (Sep 30)
- Re: Anti-Phishing with digital watermarking Razi Shaban (Sep 30)
- Re: Anti-Phishing with digital watermarking Razi Shaban (Sep 29)
- Message not available
- Re: Anti-Phishing with digital watermarking Ansgar Wiechers (Sep 30)
- Re: Anti-Phishing with digital watermarking Razi Shaban (Sep 30)