How to Detect Phishing Sites


 by Allan J. Greenberg

Take a look at the Web page below. Doesn't it look like the sign-in page for eBay? If you think so and enter your eBay User ID and Password and click Sign In, you have just given this information to someone who would use it to complete transactions in your behalf. Often one gets e-mail from what looks like a bank asking you to log in to help the bank manage a security situation. But, it is not your bank that is looking for this information, it is someone else. The activity is called "phishing" which directs you to a site that looks legitimate, but you are really dealing with a fake site or "spoofing". (Continued below the graphic)

How do you know if you are or are not on an eBay or bank Web page? Well, it is difficult to know without some help. That is where an anit-spoofing or anti-phishing tool or program comes in. One such tool (or in this case a browser extension) is called SpoofStick by CoreStreet ®. Click here to read about this extension to Internet Explorer. If you are using FireFox, you can install SpoofStick for this browser as well.

SpoofStick, once installed, provides a toolbar below the address toolbar (or Links toolbar if it is turned on) in your browser that shows you what Web site you are viewing. See the Web page below for eBay. Look just below the URL or Address and Links toolbars for the Web site in the page displayed below:

Notices that it says that You're on eBay.com. This is your assurance that the information you provide in this Web page will go to eBay and not to anyone trying to get your secure information. Go back to the first graphic. With SpoofStick installed, look below the URL or Address and Links toolbars again. Notice that it says that You're on 81.195.209.42. This is your indication that you are on a "spoofed" Web page and thus you would not provide any information to it.

To download you free copy of SpoofStick, go to http://www.corestreet.com/spoofstick/ and the download link at the top-right section of the page for the browser you are using. Install the program by finding the file and clicking on it.

Now you can browse freely knowing what Web site and page you are viewing.