PhishTank Aims to Blow Scammers Out of the Water
San Francisco-based OpenDNS is leading a group effort to identify, track, and block access to sites that are designed to steal people's personal information.
October 8, 2006
A new team has entered the battle to stop scammers. PhishTank aims to blow scammers completely out of the water by identifying, tracking, and blocking access to sites that are designed to steal people's personal information.
Officially launched last week to coincide with National Cyber Security Awareness Month, the project is operated by San Francisco-based OpenDNS, a group that provides an alternative DNS system that is allegedly faster than ordinary DNS and also blocks access to phishing sites. OpenDNS also provides other benefits, such as browser plug-ins that correct domain name spelling errors.
PhishTank lets registered users submit reports of suspected phishing sites and other registered users along with PhishTank team members work to verify that a site truly is meant to operate a phishing scam against unsuspecting users. Registered members cast their vote after inspecting a suspect site. As of October 11, PhishTank had gathered 2927 suspected phishing sites and 727 had been confirmed.
"We've been thrilled with the enthusiastic embrace of PhishTank by an active community," a spokesperson said.
Overall, PhishTank acts as an information clearinghouse for anybody that is interested. There is no cost to participate or to use the collected data. OpenDNS uses PhishTank data as one of its sources of information to block phishing sites for users of its DNS service.
"Unlike other anti-phishing groups, PhishTank makes all phishing data it accumulates public and available via programmable APIs, which allow other software developers to incorporate the anti-phishing data into their tools. The open access is intended to encourage the sharing of information and increase the chance of eliminating phishing all together," another spokeperson said.
According to the PhishTank FAQ the API requires a key to be functional and keys are provided to all registered users. The API communicates over Secure Sockets Layer (SSL) and returns data in either XML format or as a PHP-based encoded array.
On the OpenDNS blog, the company said that PhishTank is looking for people to develop extensions and plug-ins for SpamAssassin, SquidCache, and Mozilla Thunderbird. They're offering between $100 and $300 for that technology along with an opportunity to be fast-tracked through the interview process should a developer want to join their team as an employee.
About the Author
You May Also Like