Re: Anti-Phishing with digital watermarking

[Thrynn <thrynn404 () gmail com>]

I have a working implementation of this that you can try. You insert
the javascript in you page (very similar to the google analytics
code).

If an attacker makes a copy of your site and then tests their copy, an
alert is generated. This let's you see a phishing attack before it
happens.

We also do referer whitelisting, to catch those pesky redirects.
Finally, we are able to profile each web user on the site and alert
when someone does something abnormal in their interaction with the
site.

It's only a side project, so let me know if you want to know more.



On Fri, Sep 26, 2008 at 8:03 AM, Alcides <alcides.hercules () gmail com> wrote:
> Hi All,
>
> Recently came across some interesting text while reading about anti-phishing
> techniques, that can be implemented server-side.
> -----------------<snip>------------------------------------
> If we insert something like obfuscated java-script in the original website
> [which alerts us when run under any URL other than the authentic]
> we can get alerted against these attacks.
> -----------------<snip>------------------------------------
>
> Wish to know more on the subjects. May be few sample codes. Googled around
> quite a lot but it looks tough to find anything closer to practical
> possibilities.
> Any help, links, pointers including free/ commercial options all welcome.
>
> Thanks a lot.
>
> Cheers!