Real-Time Client-Side Phishing Prevention Add-On

摘要

Since existing solutions for steering users away from phishing websites are typically server-based, they have several drawbacks: they compromise user privacy, are not robust against adaptive attackers who serve different content at different times, and do not provide any guidance to users after flagging a website as a phish. To address these limitations, we present a new phishing prevention system implementing a fast and effective phishing detection technique we developed recently [1]. It is implemented as a client-side application and a browser add-on. It uses information extracted from website visited by the user to detect if it is a phish and warn the user. It also determines the target of the phish and offers to redirect the user there.