What Are the Different Types of Anti-Phishing Software?
Phishing websites are fake websites that deceive users. The page of the "phishing website" is basically the same as the real website interface, deceiving consumers or stealing the account and password information submitted by visitors. Phishing websites generally have only one or a few pages, which are slightly different from real websites [1] . Phishing websites are one of the most common forms of scams encountered on the Internet. They are usually disguised as banks and e-commerce websites that steal private information such as bank account numbers and passwords submitted by users. Computer housekeepers can be used for killing [2] .
- Earlier cases occurred mainly in the United States, but as Internet services became more common in Asia, the attacks began to appear throughout Asia. Viewed from the outside, it is no different from a real bank website, but when the user thinks that it is a real bank website and uses services such as online banking, the user's account number and password are stolen, thereby causing the user to suffer losses. The best way to prevent victimization on this type of website is to remember the URL of an authentic website and carefully compare the URLs when linking to a bank website. In 2003, there were also many cases in Hong Kong, China, where banks that had faked websites and had not yet opened online banking services used false websites to lure customers to transfer money online, but actually transferred funds to the account of the website owner. Since 2004, related scams have also begun to appear in Mainland China. There have been many fake bank websites such as the fake Industrial and Commercial Bank of China website [3]
- The term "Phishing" is a combination of "Fishing" and "Phone". Because early hackers initially committed crimes over the phone, they replaced "F" with "Ph" and created "Phishing", Phishing Is pronounced the same as Fishing. Phishing is actually one of the many tricks on the Internet. Because it basically uses the Internet, it uses some bait (such as a fake website) to quietly wait for the user to be fooled, much like the real life fishing process, so It is called "phishing" [4]
- Like spam, phishing (English called phishing) is an unauthorized
- Now most users have a clear understanding of the characteristics of spam, and there are many anti-spam technologies, and the use of email for phishing is also a type of spam. However, phishing is different from general spam in many aspects. Understanding these differences is important to design anti-phishing technology. Here are some of the main differences between phishing and general spam. [4]
- First, check "trusted sites"
- Identify the authenticity of the website through third-party website identity and integrity certification. Many websites have installed third-party website identity credibility authentication-"Trusted Website" on the homepage of the website, which can help netizens to judge the authenticity of the website. "Trusted Website" verification service
- China Anti- Phishing Website Alliance members include dozens of financial institutions and e-commerce websites such as Industrial and Commercial Bank of China, Agricultural Bank of China, Bank of China, Construction Bank, Hua Xia Bank, Everbright Bank, Galaxy Securities, Tencent, Taobao, Alipay, and China Wanwang , China Enterprise Power, Xiamen China Resources, Xiamen Huashang Shengshi, Alibaba, ChinaSpringboardInc. And other major domestic domain name registration service agencies. The "China Anti-Phishing Website Alliance" is not an official organization. Its members include domain name management agencies, registrars, and bank securities, e-commerce, and network security companies. The purpose is to discover and manage "phishing websites." It is mainly aimed at "phishing sites" that impersonate its member units. After the alliance receives a complaint involving members of the alliance, the authoritative technical appraisal agency will immediately judge it. Once it is determined, it will suspend its domain name resolution within two hours and terminate the fraud. The timeliness of processing has greatly reduced the harm caused by "phishing sites" [5] .
- Identification method