Security Basics mailing list archives
RE: Anti-Phishing with digital watermarking
From: "Matt Flynn" <mflynn () netvision com>
Date: Fri, 26 Sep 2008 14:42:46 -0400
This only works if the Phishing site is passing through the content of the original site (like some Man-In-The-Middle attacks). It's very easy to just re-build the HTML of a site so that you're not passing the code through. I have to think that anyone that can spoof another site knows to test their new fake site. When they see that the javascript blows up, they'll just remove or fix it. I don't see that as much of a solution, but interesting nonetheless. I considered doing something like that when my blog content was being stolen via RSS feeds (a more pracitcal use of that approach). Matthew Flynn Director of Marketing & Strategy NetVision 732 769 2351 o 732 616 8749 m 801 770 3808 f mflynn () netvision com -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Alcides Sent: Friday, September 26, 2008 8:04 AM To: security-basics () securityfocus com alc Subject: Anti-Phishing with digital watermarking Hi All, Recently came across some interesting text while reading about anti-phishing techniques, that can be implemented server-side. -----------------<snip>------------------------------------ If we insert something like obfuscated java-script in the original website [which alerts us when run under any URL other than the authentic] we can get alerted against these attacks. -----------------<snip>------------------------------------ Wish to know more on the subjects. May be few sample codes. Googled around quite a lot but it looks tough to find anything closer to practical possibilities. Any help, links, pointers including free/ commercial options all welcome. Thanks a lot. Cheers!
Current thread:
- Anti-Phishing with digital watermarking Alcides (Sep 26)
- RE: Anti-Phishing with digital watermarking Matt Flynn (Sep 26)
- Re: Anti-Phishing with digital watermarking Razi Shaban (Sep 26)
- Re: Anti-Phishing with digital watermarking Ron (Sep 26)
- Re: Anti-Phishing with digital watermarking Umil (Sep 26)
- RE: Anti-Phishing with digital watermarking Matt Flynn (Sep 26)
- Re: Anti-Phishing with digital watermarking Razi Shaban (Sep 26)
- RE: Anti-Phishing with digital watermarking Matt Flynn (Sep 26)
- Re: Anti-Phishing with digital watermarking Razi Shaban (Sep 29)
- Re: Anti-Phishing with digital watermarking Ansgar Wiechers (Sep 29)
- Re: Anti-Phishing with digital watermarking Razi Shaban (Sep 30)
- Re: Anti-Phishing with digital watermarking Ansgar Wiechers (Sep 30)