Phishing is an aptly named exploit that shares some elements with the similar-sounding sporting activity. A phishing email looks like it is from a trusted Web site. When the email is convincing enough, the consumer will click on a link that leads him to a Web site where he will likely be tricked into divulging financial data such as credit card numbers, account usernames, passwords, and social security numbers.
Both fishing for fish and phishing in cyberspace require a combination of expert casting and convincing bait. For phishers, the cast is a legitimate-looking email or Web domain -- and the next step is to get the consumer/victim to take the bait (i.e., click on the link).
What Is A Phishing Attack?
The more popular form of phishery is the Web-based phishing attack. Spam filters are getting better at catching phishing emails, so phishers have created a way to avoid email. A Web domain phishing attack occurs when a user mistypes a common Web domain, for example a bank domain, an online shopping site domain, or any commonly used domain. Once the Web surfer incorrectly types his favorite Web site domain, he could be taken to an infected site. Attackers know that compromising sites with generally good reputations, coupled with more effective and targeted e-mail lures, can increase the success rate of attacks. Both the typo phishing attack and the hacking of popular sites to funnel users into a phishing site are common.
Phishing is all about getting the user to provide access credentials, identity information, or financial credentials by leveraging the trust model of a known brand. Times have changed, people are getting smarter about these tricks, and attacks have moved to key loggers loaded onto user PCs via browse-by installs from infected popular Web sites. While collecting valuable user information started out with phishing tricks to get the user to type it into a phony Web form/site, the attacks have now gone stealth, and the user does not even know that malware was loaded onto his system when he visited a popular infected Web site. It may have logged keystrokes and sent a file back to the "dark side" without the user having any clue.
What It Costs You
According to industry researchers, the average loss from phishing is now over $3,000 per incident and the total damages suffered by phishing victims are well over $1 billion per year. Banking and retail sites, including Amazon, eBay and PayPal, have been some of the most popular for criminals to impersonate with counterfeit sites using phishing schemes. Social networking sites, such as MySpace and Facebook, are also key targets for 'social phishing' since personal details included within such sites are handy for identity theft. Experiments show a success rate of over 70% for phishing attacks on social networks. Many phishers will try to get around anti-phishing solutions by using SSL encryption.
A Real-Time Solution
Blue Coat Real-Time Anti-Phishing protection technology assesses the Web page being requested using Blue Coat WebFilter and Dynamic Real Time Rating (DRTR). Blue Coat WebFilter runs on current Blue Coat ProxySG appliances and uses Dynamic Real Time Rating technology to keep up with the ever-changing Internet and phishing sites. DRTR is based on patented technology that -- "on the fly" -- can categorize new, unfamiliar Web sites as they are being requested and then block or allow users' access according to the rating DRTR assigns and in accordance with the organization's or user's policies.
If the page is not found in the Blue Coat WebFilter database, a query is sent to Blue Coat Labs, where the Web page is analyzed automatically in real time. Because these phishing Web sites are only up for a short time, ranging from hours to minutes, it is hard for most anti-phishing databases to catch them. This is why having a solution like Blue Coat's that assesses URLs on the fly is essential. The service will then categorize the page based on its content, forms, links and originating URL. If the Web page is categorized as a phishing site, Blue Coat's software will block the requested Web page or warn the user. The entire process can be completed in 250 to 750 milliseconds.
Fortunately, the ROI for crime organizations is getting lower and lower with phishing -- because people are becoming more aware of phishing tricks, more defenses like Blue Coat are in place, and the phony Web site may leave tracks to the crime organization for law enforcement. So has phishing become 'old hat'? Not at all, because there are people new to the Internet every day and old tricks still work.
Only through the kind of real-time assessment that Blue Coat offers can most ploys be thwarted.
You can integrate Blue Coat security appliances into your network -- just call Milestone Systems, Inc. 866-646-9211