Internet Explorer 7 - Phishing Filter

ie 7 phishingPhishing sucks (if you're not familiar with the term you can find some details here). It has just always really ticked me off that there are people out there that feel that they somehow have the right to just take something from me that I've worked hard to earn. Not only that, some of them will work harder at figuring out ways to steal my money than they would need to work to make their own. Just go get a job, creep!

So believe me, I am all on board for any technology that will thwart (or at least slow down) these morons. One of the best ways (besides educating the end user) would be to create a database that would hold the URL's of the offending sites, then to have the browser warn folks when they are about to enter a known phishing site. The key to getting this to work would be to get any new phishing sites added to the list ASAP, as these bogus sites are usually only active for a day or so, sometimes only for a couple of hours. This means that you would need to provide an easy means for allowing your average good Samaritan to tell you when they've come across a phishing site, so that it could be verified and added pronto. Sound hard? Maybe, unless you've got the resources of Microsoft and are about to release a new browser to the world.

Enter IE 7. Currently in Beta 3, it's close enough to a finished product now to start getting the feel for the real thing. I've been using it for a couple of months now, and have bumped into the phishing filter part of it more than a few times now. Of course, the reasons for that are my own fault, because, well, I can be a bit of an idiot at times. You see, I find some things funny hilarious that your average human being would just think of as dumb foolish dangerous asinine.

For example, I think it's funny to follow the links in from e-mails that I know are phishing scams and put bogus information into the form. Things like:

Email: completeidiot@toostupidtolive.com
Password: oh_you_soooo_fooled_me

amoung other things. Now, this is a really dumb thing to do. I know that, I just can't help myself. There is a whole list of reasons why you should never do this, here's just a couple.

  • Any programmer creating these e-mails, who is worth their weight in 0's and 1's is going to embed a little chunk of code in it that will tell them that you opened it. I know, because I've done it. It's the reason that current e-mail clients will not show you images unless you tell them to. The programmer will put in a command that tell's the e-mail to go get an image from a server somewhere and display it in the e-mail. It is the same way that you actually display a legitimate image in an e-mail message. Except in this case the source of that image isn't really an image, it's a little piece of code that will place your e-mail address, your IP address, the time of day, and maybe some other little tidbits of information into a database. The creator of the e-mail can then look at the database and find out who opened the e-mail. This can be very helpful information.
  • The websites that they're going to direct you to are full of all kinds of nasty stuff - viruses, spyware, adware, trojans, etc. Only a complete idiot (me raising hand) would voluntarily subject their computer to that kind of environment

The end result of following links to phishing sites is that it will cause you to get more e-mails that are phishing attempts. Once they think they've got a sucker hooked they're just going to start throwing out more and more bait.

Now, I knew this going in, and I do take some precautions. I've got the firewall installed, virus protection, two different spyware programs running in the background, and a couple of programs that are constantly monitoring my system for any un-authorized changes. Still, it's not really that funny, it's probably easier if you just avoid the sites.

Which, thankfully, brings us back to the original topic. Here is a copy of the most recent phishing scam e-mail I received just this morning:

 

ie 7 phishing 00

 

Of course, the first tip-off is that I don't even have an account at Key Bank. But some of the people that received this e-mail probably did, and some of them made the huge mistake of clicking on the link inside the e-mail. Just so we're clear, the only way that this scam works is when they can get you to click on the link inside the e-mail. So, don't do that.

OK, it needs to be emphasized again. If you receive an e-mail from ANY account, that tells you that you need to, for any reason, log into your account, DON'T CLICK ON THE LINK INSIDE THE E-MAIL. Instead, go to the website the way you usually would, and log into your account that way. If there really is something going on that needs your attention believe me, you'll be able to find it there.

However, for those that don't realize what's going on (or for idiots like me) Internet Explorer 7 has what may be a decent solution. Because I, being who I am (see above) felt an unresistable urge to go visit that oh-so-bogus site and poke some slimeball in the Ukraine right in the eye by entering something insulting into their bogus form. When I tried to do that this is what I saw:

 

ie 7 phishing 01

 

Well, I'll be dipped in honey and rolled in horse manure! Here's something that the average person on the street may actually find useful. When you've got the phishing filter engaged, and you happen across a site that's been flagged you will see this message.

And you can help. If you happen to come across a website that you suspect of being a phishing site you can report it. Click on the Tools icon in the main toolbar, then select Phishing Filter -> Report this website:

 

ie 7 phishing 02

 

When you do you will be taken to a site that looks like this, where with a couple of clicks you can report the site for review:

 

ie 7 phishing 03

 

When IE 7 hits prime time later this year this functionality may become a real force, as this is one of those things where the more people use it the better it will work.

Additional resources

 
  • Take a look at Microsoft's information about phishing here
Bytes: