Welcome to MSDN Blogs Sign in | Join | Help

Phoiling Phishing at WWW2006

If you’re at the WWW2006 conference here in beautiful Edinburgh Scotland, you’ve probably seen a number of great presentations already such as yesterday’s discussion on Identity Management featuring Kim Cameron from the Infocard team. Today (Friday) I’m sitting on a panel called Phoiling Phishing hosted by Harvard Researcher Rachna Dhamija, where we’ll focus more specifically on the issue of Phishing and techniques browsers can implement to “phoil” the attacks. I hope you’ll come to discuss if you’re here.

-Rob Franco

Published Friday, May 26, 2006 8:51 AM by ieblog

Comments

# ckunte.com | Why phishing works

Monday, May 29, 2006 2:13 AM by ckunte.com | Why phishing works
PingBack from http://ckunte.com/archives/2006/05/28/why-phishing-works

# re: Phoiling Phishing at WWW2006

Monday, May 29, 2006 9:24 AM by Viktor Krammer
Hello,

I have focused on another aspect of Phishing regarding security issues introduced with Internationalized Domain Names (IDN). The following paper gives an overview of address spoofing attacks and how to specifically deal with the emerging risk of IDN spoofing. I have also implemented and tested the proposed ideas in my free IE add-on Quero.

http://www.quero.at/papers/idn_spoofing.pdf

Viktor

# re: Phoiling Phishing at WWW2006

Monday, May 29, 2006 9:48 PM by tako
Sorry for my ignorance, but what is Phoiling Phishing?

# re: Phoiling Phishing at WWW2006

Tuesday, May 30, 2006 4:59 PM by EricLaw [MSFT]
@Tako: This could be rewritten "Foiling fradulent web sites".  Using a "ph" instead of a "f" is a fairly common thing in hacker circles.

# re: Phoiling Phishing at WWW2006

Wednesday, May 31, 2006 3:58 AM by Dave
Phishing is definitely a geek term, you should use a more descriptive term in all IE UI.

If someone see's a phishing filter and doesn't know what the term is, how will the feature help them? (and also they'll probably think that someone in the team can't spell 'fishing')

# re: Phoiling Phishing at WWW2006

Friday, June 09, 2006 5:30 AM by Pacero
I mean, that more of pishing end when email communication will be secured and more of spam be filtered at SMTP layer e.g. by SPF or another technology.
New Comments to this post are disabled
 
Page view tracker