With close to 20,000+ Phishing sites discovered in February 2007 we believe that there should be better tools for finding these phishing sites. Most of the newer browsers have a Phishing warning system built into them. The warning system in your browser is a bit of a hit or miss when it comes to protecting you
As all phishing comes through email I asked why is there not a plug-in for Outlook to find phishing. I searched and could not find a simple solution that would tell me if an email is phishing. Instead of waiting for one to be built we put our development team at Manticore Media to the test to make one.
The challenge was to make a program that works on our clients’ many different machines and yet was still super simple to use. We found that the main problem with phishing emails is that the phishers generally hide their fake links in either an image or through a text link. All the emails come through as HTML so the email would have to be inspected for links.
We came to the conclusion that the easiest way to reveal if an email is phishing is to expose the link so it is visible to the end user. Example:
 Update your paypal (http://www.payp8l.com)
Is this method fool proof? No but we feel that our tool will help eliminate a lot of the phishing that goes on. This will allow the end user to see exactly where a link is taking them before they click on it.
We are done the Alpha test and now need a few beta testers. The plug-in works for Outlook 2000, 2003 and 2007. If you would like to participate in the beta testing please leave a comment saying your Operating System and Outlook version and we will get you setup.
Please note the plug-in does not work with Outlook Express. Depending on the success of this tool we will consider doing an Outlook Express plug-in later.
James Bone
March 31, 2007 3:38 pm
Windows Vista Ultimate
Outlook 2007
It is scary.
March 31, 2007 6:54 pm
id love to give it a try but i use thunderbird.
blogadmin
March 31, 2007 8:09 pm
Plugin sent out.
blogadmin
March 31, 2007 8:10 pm
Nothing for thunderbird yet. We can add this on to the wish list after Outlook Express.
Matt
March 31, 2007 9:00 pm
Windows Vista Home Premium with Outlook 2007 (Enterprise Edition, if it matters).
You should also think about putting a little red image next to the links that look suspicious. Possibly make an algorithm up so you don’t have to send links to a sever to be checked. Or maybe make up lists (not as good, since phishing sites move around quickly, and you’ll just end up with a list with 99% of the sites non-existent anymore).
I like what Google has in Gmail. You are able to see what domain the email was sent from (so, if I send an email from my Gmail account to another Gmail account, they would be able to see “Emailed by: gmail.com” when they click “More Details”). They also have a little warning near the top of the email saying that the email may not be who it says it’s from.
Sonia
March 31, 2007 11:26 pm
I have Outlook 2003 running on WinXP Pro and it seems like this feature is on. The links are visible (text) unless I click on a mail header, where the messsage converts to html. It is possible that I received this feature via Windows auto update.
Christian
April 1, 2007 8:40 am
you got it from the outlook 2003 sp2 upgrade..
I read it works great.. but if you dont have automatic updates enabled youll need to download and update the Junk Mail Filter updates from Microsoft Update often.
“Nothing for thunderbird yet. We can add this on to the wish list after Outlook Express.”
Thanks im patient so dont rush it. :):)
BlueFur.com » Anti-Phishing Outlook Plug-in Update
April 5, 2007 5:12 pm
[...] want to subscribe to my RSS feed. Thanks for visiting!We posted last month that we are launching an Anti-Phishing Plug-in for Outlook. We still need beta testers for this to ensure it works with Windows 98 and Vista on Outlook 2000 [...]