PhishTank vs. Anti-Phishing Working Group
.jpg)
Recently I’ve been asked to design a system to detect phishing attacks for a rather large organization. One of the first things that came to my mind was to contact the anti-phishing organizations to see how I could integrate with their system .
Well, it turns out that the biggest two online anti-phishing databases are PhishTank and Anti-Phishing Working Group (APWG). However, I noticed some big differences between these two organizations.
1. Founders, Development and Support
- PishTank is operated by OpenDNS
- APWG apparently is operated on a voluntary base but their Premium and Sponsored Members list is impressive because you can find almost all the big names in security; it’s like a Fortune 100 security directory
2. Services offered
- Phishtank offers free submission (free reg. required) of suspect URLs considered to be phishing sites. They even provide a free API to integrate in your applications. You can add and search for a phishing site right away. Impressive.
- APWG on the other hand offers the possibility to submit emails which are considered phishing emails. And that’s pretty much all that’s offered for free. The most recent publicly available scam email is dated July 4, 2005 , almost 2 years ago. But ! you can go to one of their partners which sells the complete database of 175916 email scams harvestes so far.
So I might be completly off the right foot here, but my guess is that PhishTank is trully a community effort whereas APWG is the product of a huge coallition of security vendors which use the submitted phising data to improve their security tools.
Am I wrong about these assumptions and sould lower the level of paranoia & conspiracy theory?
Which service do you use and where would you submit a piece of phishing evidence ?
Thank you for reading this post. You can now Read Comments (4) or Leave A Trackback.
Print This Post
Post Info
This entry was posted on Thursday, May 17th, 2007 . Tagged with:You can follow any responses to this entry through the Comments Feed. You can Leave A Comment, or A Trackback.
Previous Post: Biggest Identity Theft Incidents During May 7 – 15 »
Next Post: Blogging Platforms Vulnerabilities »
Read More
Related Reading:- GFI WebMonitor 2009 Review
- ModSecurity 2.5 – New Book Soon To Be Released
- NetWitness releases NextGen version 9.0
- Twitter Weekly Updates for 2009-07-19
- Twitter Weekly Updates for 2009-07-12
- Twitter Weekly Updates for 2009-07-05
- Twitter Weekly Updates for 2009-06-28
- NetWitness Investigator – Awesome Network Intelligence!
- Twitter Weekly Updates for 2009-06-14
- Twitter Weekly Updates for 2009-06-07
May 18th, 2007 01:06
Interesting timing, as usual. Do you have a microphone in our office?
Check our press release section of OpenDNS on Monday.
May 18th, 2007 01:18
I don’t have a microphone in your office but I’ll take a wild (educated) guess about your next step: Firefox / IE extension which checks PhishTank’s URL database.
I would love to see that users have more alternatives for real time phishing notification.
And of course, managed anti-phishing service for financial institutions would be great!
Keep up the good work David and let me know when the PhishTank toolbar is released !
May 18th, 2007 07:32
Somebody already made one of those… http://phishtanksitechecker.com/
Toolbars aren’t are business (and they annoy me) — I don’t believe in making people download software when there is so much amazing potential to make the network smarter and more intelligent.
Here’s another mini rant I was just thinking about: Why should my anti-virus software ask me if I want to auto-update? What a dumb question to ask. I’m lazy, I don’t want to “do” anything. If it needs to update it should just update.
May 22nd, 2007 10:55
[...] May 17 I wrote about the main differences between PhishTank vs. Anti-Phishing Working Group and I was quite suprised to read David Ulevitch’s comments on that post about an imminent [...]