Symantec Relaunches Phishing Info Sharing Network
Microsoft, however, has dropped out.
First unveiled in February 2005 by WholeSecurity, the Phish Report Network is being reactivated by Symantec to provide a vetted, dynamically-updated database of fraudulent Web sites, said David Cole, director of Symantec Security Response.
"There's room for more than one [such] organization," said Cole, "but we wanted to provide a high-quality feed on fraudulent sites so organizations would know that there were very few false positives in the data."
Companies would use the information collected by the network to roll back into their applications -- such as anti-phishing software -- or as blacklist updates to their customers.
There are similar phishing site-collection services already in operation, including CipherTrust's PhishRegistry.org and the non-profit Anti-Phishing Working Group (APWG). But Cole argued that Symantec's would be professional vetted, both by "robust automated bots" and by Symantec analysts, to guarantee that sites reported as fake were really bogus.
Symantec inherited members such as online auctioneer eBay and its PayPal e-payment service from WholeSecurity's effort, but it's added Google, Yahoo, online banking behemoth Wells Fargo, and RSA Security. The latter will contribute data from its Cyota anti-fraud group, which specializes in notifying financial institutions of developing phishing threats, and shutting down bogus sites. Among the clients of Cyota's FraudAction service is Visa USA.
Companies and organizations that contribute data to the Phish Report Network receive its findings free, said Cole, while others will be charged subscription fees that are "priced to break even. We're not intending to make a lot of money on this."
The subscription charges will pay for the automatic and human-based vetting that Symantec will do on each report of a phishing site.
"We can do this cheaper because others would have to directly monetize the service. We don't. Rather than relying on another organization to do this, and be beholding, we can do this ourselves, and also use the data for our own operational anti-fraud teams."
Microsoft, though a founding member of Whole Security's same-named network in 2005, has pulled out of the Symantec-branded collective.
"We didn't ask them to leave," said Cole, "they just wanted to create their own [anti-fraud database]." Microsoft has released an anti-phishing toolbar for its Internet Explorer 6, and has integrated anti-fraud defenses into its next-generation IE 7, which entered public beta last week.
Symantec and Microsoft have butted heads over security as the latter has acquired vendors and rolled out security services and software, including its free Windows Defender anti-spyware software and its Windows Live OneCare subscription service.
Although Google hasn't told Symantec what it will do with the data from the Phish Report Network, Cole said it would be a great addition to the search company's Gmail e-mail service. "That would be a natural fit, or with Google's toolbars," said Cole.
More information about the network can be found on the Symantec Web site.