PhishTank.. Out of the Net, into the Tank.

Education is one of the best ways to combat Phishing.  If you check your inbox, you could have an e-mail claiming to be from PayPal, eBay, or financial institution of choice wanting you to verify your password or personal information.   Chances are these are fake and someone is trying to get your personal information to do some very bad things.   Social engineering attacks like phishing seem to be the rage these days.

The staff at OpenDNS started providing a DNS service that is taking a step to protect you from some of these scams.   By changing your DNS Settings (on your PC or your gateway router) and using the OpenDNS servers you can avoid many of the scams that are out there on the ‘Net.  Any time OpenDNS detects that you are going to a phishing site, it blocks the request and sends you to a safe site letting you know that it just might have saved your butt.

But where do they get all that information?  This week they released PhishTank, a community supported site dedicated to keeping track of phishing sites.   From the site:

PhishTank is a collaborative clearing house for data and information about phishing on the Internet. Also, PhishTank provides an open API for developers and researchers to integrate anti-phishing data into their applications at no charge.

If you think you found a phishing site, they provide for a way for you to search to find out if someone has already reported it.   If it isn’t in the database, you can submit it (after you open an account).  Other users in the community system will verify if it is truly a phishing site.  Phishtank even gives you a way to track your submissions.

If you are a developer, they even provide a fairly straightforward API to use if you want to write a program that uses the Phishtank data.

If you aren’t using the OpenDNS DNS servers, I recommend changing to do so.  Instructions are available on their site.   If you choose to not use them and you have any question on if the site you are visiting is a phishing site, check them out on Phishtank.  The price is right and it could save you a lot of time and money.

Technorati Tags: PhishTank - OpenDNS - Phishing - Social Engineering