Phishing could soon be a thing of the past and the credit may have to go to Microsoft. That's according to a leading Web security expert who says functionality built into Internet Explorer 7 could shutter fraudulent Web sites within 18 months.

Tim Callan, a director at VeriSign, said anti-phishing guards in IE 7 -- which will warn users off malicious Web sites where they may be asked to submit personal information such as bank or credit cards details -- will help restore badly damaged consumer confidence.

Callan said: "Consumer confidence is falling and the biggest reason for that is fear, pure and simple. People fear that something bad is going to happen to them."

And he said phishing is the major cause of concern.

Typically phishing scams rely on a spoofed Web site made to look like the site of a leading bank or popular e-tailers such as Amazon or eBay.

However, when users visit a site with a fraudulent URL and no SSL certificate their address bar will turn red warning them they may be straying into dangerous territory.

If the site's URL tallies with who its owner is, and the SSL certificate is present, the address bar turns green, informing the user they are safe to carry on. In between these alerts there is a plain white address bar, which means 'nothing to report', and amber which advises caution.

Callan said: "This has the potential, a year or 18 months down the line, for phishing, as we know it, to have become a really small problem.

"I've had a lot of contact with the people who are really going to use this, 150 of the largest Web properties in the world, and not one of them has said 'I'm not going to use this'."

However, he admitted the fight is far from won and agreed criminals will already be plotting their next move.

He said: "The bad guys are going to start to work on it. They will be chipping away at it and I'm not going to pretend they won't at some point have success."

Mark Sunner, CTO of MessageLabs, which intercepts phishing e-mails in the cloud before they reach the end user, said the scheme is a definite improvement on previous browsers but added that "any assumption this will wipe out phishing is an exaggeration".

Sunner said: "You've got to keep some perspective. Everything like this is all good but the more sophisticated phishers move a lot more quickly than the technology. They will already be working on ways around this and new methods of attack."

Related links

Leave a comment

You must read and type the 6 chars within 0..9 and A..F

* indicates mandatory fields.

Log in


Sign up | Forgot your password?

Blogs

RSS feed

  • Staff Aussies to pay more for Win 7

    If you are looking to make some money in these troubled times, perhaps importing copies of Windows 7 could be for you. Read more »

    -- posted by Staff

  • Staff Firefox: Greens want it, 3.5rc2 not up to par

    This week's roundup looks at the situation surrounding a campaign to change Outlook HTML renderer, a Greens MP wants to install Firefox but is restricted and all the photos from the iPhone 3GS launch. Read more »

    -- posted by Staff

  • Chris Duckett Microsoft misses the Outlook point

    Ask designers which mail program is the bane of their existence, and you'll find that Outlook tops the list. The reason why the most popular email reader is also the most painful is simple: it uses Word to render HTML emails. Read more »

    -- posted by Chris Duckett

What's on?