|
UP
|
|
|
NO, a 100% software-based protection against Phishing is not possible due to the infinite number of possibilities for criminals to place Phishing scams. Thus as the most important thing you have to take into consideration, be always aware of your personal information like login, bank account data ... never trust an email sent by a well-known organisation which asks you to enter your personal data, never click on any of the links it contains or believe anything it says.
How does IdnWebShield protect my daily online-work?
-
IdnWebShield is equipped with technologies for predicting and preventing phishing attacks particularly difficult to recognize. Under https://secure.idnwebshield.com we provide a free service for organisations whose customers are targeted by phishing scams like banks, financial and credit unions, auction houses, online casino, travel agencies ... to generate a protection-profile for their important domainnames and links.
- IdnWebShield provides protection against some of the most dangerous link-deception techniques using following technologies, live-url-monitoring, (idn char collision detection) IdnCCD protocol, extended blacklist.
- The link-detective provides background information about links. Is helps to evaluate trustworthiness of internet addresses.
- With IdnWebShield-DefCon and IdnWebShield-Hosts control thow technologies are provided against pharming attacks ... thus phishing attacks not initiated by falsificated e-mails but by dns-manipulation.
|
|
|
UP
|
|
|
IdnWebShield is a security software that provides protection against all
IdnWebShield is
-
already preconfigured for full protection mode,
-
easy-to-install and
-
easy-to-use (it works automatically in the background) for anybody without
detailed computer-knowledge, or
-
fully configurable for anybody who likes to play with IdnWebShield and its
features.
One time installed on your computer it works in the background protecting all
of your Internet activities.
|
|
|
UP
|
|
|
One for all and all for one ... other commonly used anti-phishing solutions supplements with IdnWebShield.
IdnWebShield is a completely independent security solution which differs from common browser-dependent anti-phishing toolbars.
Anti-phishing toolbars can either be commercial products or are already integrated in browsers (Microsoft`s Internet Explorer 7 or Firefox 2.0).
Additionally installed IdnWebShield provides more security against online fraud with spoofed websites using new anti-phishing technologies.
-
IdnWebShield together with other anti-phishing software complement each other in many ways.
-
IdnWebShield remains unique, providing both anti-phishing and anti-pharming technologies to cope with online fraud.
-
With its nature as proxy-server IdnWebShield performes phishing- and pharming checks of entire web requests.
|
|
|
UP
|
|
|
-
Base protection against Phishing with anti-Phishing
blacklist : Dangerouse Internet resources listed in the
g4bi database are blocked by IdnWebShield.
Blacklist extension phishing-toolkit-blocker: Dangerouse link signatures which are commonly used by phishing-toolkits are detected and blocked. Phishing-toolkits are software programs designed to help Internet criminals generating large portals of different spoofed Web sites where victims are asked to provide their sensitive personal data.
-
Anti-phishing prophylaxis:
A complex firewall-based rule-system combined with an intelligent heuristic build up a powerful protection schield to detect phishing-websites. Every day the protection-profiles are regenerated. The IdnWebShield software is automatically kept up-to-date with the latest versions of Anti-Phishing prophylaxis.
-
Phishing attack prevention with
IdnCCD protocol : Prevents Phishing attacks with
international domain names. For more details see some FAQs below.
-
Pharming attack prevention anti-Pharming local DNS monitor:
Monitors your local "hosts"
file for any changes notifies you accordingly if you try to access some
internet resource quoted in this file.
-
IdnWebShield DefCon (DEFense CONdition) Pharming attack prevention anti-Pharming authenticated DNS cache:
Processing your web requests IdnWebShield accepts
DNS information only from authoritative
nameservers .
-
Phishing attack prevention with anti-Phishing
URL monitor : Analyzes the format of requested links.
Prevents Phishing attacks using some form of technical deception designed
to make a link in an email appear to belong to a certain organization.
-
World-Wide-Web link detective:
looks up background information about a link. It should complement your knowledge of what is going on behind the scenes.
|
|
|
UP
|
|
|
IdnWebShield is an IDN capable http/https Proxy server that handles all
http/https web requests.
-
As Http/Https Proxy Server IdnWebShield per default listens on port 9090.
The IdnWebShield administration interface provides possibilities to change network-configuration.
-
PLEASE NOTE: IdnWebShield has to be
set as http/https proxy in your browser configuration. For Internet
Explorer-based Browsers IdnWebShield manages the proxy settings automatically.
-
If you are sitting behind a web proxy you can to configure the http/https proxy
for your IdnWebShield software.
|
|
|
UP
|
|
|
An "Internationalized Domain Name" (IDN) is an Internet domain name containing non-ASCII characters. Thus such a domain name can contain non-latin characters occurring in, Asian, Chinese, Arabic ... character sets.
|
|
|
UP
|
|
|
It is a phishing attack with an "Internationalized Domain Name" The
basic problem lies in the similarity among letters.
A major difference between "IDN Phishing" and "conventional Phishing":
"IDN Phishing" uses a form of homograph deception with a valid domain name in the background. Most methods
of "conventional Phishing" use some form of technical deception designed to make a link in an
email appear to belong to the spoofed organization.
Criminals make use of this natural fact for their malicious purposes. They are
able to abuse any name of an existing bank or any other important organisation,
-
registering a valid internationalised domain name with an
international character that looks identical to another one in the original
name and
- creating a so-called spoofed version of the
web site that looks exactly like the organisation’s official site.
- on
the spoofed web page they ask for personal information, including credit card
numbers, personal identification numbers (PINs), social security numbers,
banking numbers, and passwords.
- fraudsters bait victims
via e-mails.
This attack also known as IDN Phishing attack is extremely dangerous since
there is a valid domain name behind the scenes and there are
thousands of possibilities for criminals to create new domain
names.
The growing complexity of the world wide web, its
enormous potential and the fact that we are browsing the Net at high speed make
it nearly impossible to distinguish between malicious sites and services and
original ones.
|
|
|
UP
|
|
|
-
the Char Collision Detection part filters your web
requests for domain names containing characters that are similar to unwanted
characters.
- the Trust management part alarms you
before continuing with the request, informs you about the detected idn char
collision in the current web request and gives you the possibility to decide
whether to trust or reject the request.
|
|
|
UP
|
|
|
IdnWebShield is a browser- and platform independent software.
|
|
|
UP
|
|
|
For providing maximum security IdnWebShield has to be kept up to date with some security-related data.
-
IdnWebShield automatically loads the latest security-profiles from the Internet. The every day`s synchronisation status is shown in the software`s administration portal.
-
Other automatic updates might concern Whois-configuration updates which are relevant for IdnWebShield`s link-detective as well as Html-header for the web-based administration portal.
-
All automatically updated data is text-based and downloaded in a compressed format.
|
|