Netcraft launched an anti-phishing system at the start of 2005: people install a toolbar and effectively become part of a giant neighbourhood watch system whereby the most experienced members of the community can report phishing sites and effectively block them for the rest of the community.

Some 700,000 unique phishing sites have been detected and blocked by Netcraft’s community to date [April 2007] and it has featured widely in the media from the Financial Times & Wall St. Journal through to Slashdot.

Many of the world’s largest banks report their confirmed phishing reports into the Netcraft feed, and third party tests by C|Net and Ziff Davis have assessed the Netcraft Toolbar as the most effective anti-phishing service, and it is licensed by Microsoft for use in IE7, and by many of the leading anti-virus, content filtering, hosting and domain registration companies.

Netcraft makes the list of phishing sites reported by the Toolbar community and validated by Netcraft available as a continuously updated feed suitable for ISPs, hosting companies, enterprises, and other companies that operate mail servers and web proxies, or network monitoring systems.

The feed can be used to prevent customers and employees from succumbing to phishing attacks and presents an excellent opportunity for ISPs to win new customers and to reassure existing customers by taking a proactive stance against fraud by providing phish-free web and mail.

Well constructed phishing mails often get through conventional spam filters as they may carefully mimic bona fide communications. According to Verisign, between 3-5% of people receiving a phishing attack have given away details of their bank accounts.

The phishing site feed offers real time protection against phishing. This can be deployed in a variety of ways:

• Integration with mail servers to prevent customers from receiving emails that contain phishing URLs, and also to prevent such emails from being sent.
• Integration with web proxies to deny access when a phishing URL is visited.
• Integration with intrusion detection systems and other network monitoring tools to block phishing activity in unconventional channels such as Usenet, FTP and IRC.

The phishing site feed is a continuously updated encrypted database of patterns that match phishing URLs reported by the Netcraft Toolbar community and validated by Netcraft.

The feed employs a versioning system to ensure that customers who have fallen behind can catch up incrementally, or if necessary, by requesting the full database.

The feed is available for a wide range of proxy servers and mail servers, while reference code and technical documentation is supplied to demonstrate how to integrate the feed into bespoke content filters, firewalls, network IDS and similar applications.

Support pertaining to the service is available via electronic mail and telephone.

Please contact us (sales@netcraft.com) for pricing, giving details of the mail server (e.g. sendmail, qmail ...) and/or proxy server (e.g. Squid, Apache ...) or other program that you would like it to interface, and the approximate number of users you have.

If you would like to join the Netcraft anti-phishing community, the Toolbar can be downloaded from toolbar.netcraft.com.