Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

Symantec joins the phishing fight .. for a price

May 9th 2006 in Uncategorized

Symantec are patting themselves on the back again.  Their latest “Symantec Enterprise Security News Clip” has proudly announced that “Industry Leaders Back Symantec Phish Report Network”
(cite: http://www.symantec.com/about/news/release/article.jsp?prid=20060501_01)


So, let’s have a look at Symantec’s new service at http://www.phishreport.net/.  A nice, professional looking site – very pretty. 


“Senders” can submit URLs for free only after agreeing to the Data Provider Agreement which allows Symantec to, among other things, publicise your involvement in the service as a sender.


“Receivers” must sign an agreement as well, and pay Symantec $50,000 per annum for a “Network Maintenance Fee“.


What the???? $50,000 per annum???


Let me tell you something; Castlecops already has a very effective service, called the “Phishing Incident Reporting and Termination (PIRT) Squad” aka Fried Phish


Anybody can submit URLs for free, and without having to sign an agreement:
http://castlecops.com/pirt


Wiki here: http://wiki.castlecops.com/PIRT


Unlike Symantec, CastleCops DO NOT CHARGE A FEE to share information gathered, and those being spoofed do not have to subscribe and sign an agreement to be given information about phishing that affects them and their customers.


I have been receiving email reports about phishing sites that are reported to PIRT since the service’s inception and I can tell you that every single URL reported is blocked by Microsoft’s Phishing Filter within hours.  Often they are blocked even if I check the URL within minutes of the email being received.


PIRT reports phishing sites to an average of 20 different parties per phish and including the company being targeted and the ISP hosting the site.


I fail to understand how a $50,000 per annum “network maintenance fee” can be justified for Symantec’s “service”.


I say stick with CastleCops.  They’ll accept the same reports as Symantec, but unlike Symantec will pass the information on to *all affected parties* WITHOUT CHARGE and without expecting recipients to sign agreements.


Comments are closed.

It has, at times, been a real uphill battle trying to convince the ‘man on the street’ to take advantage of the Phishing Filter that is an integral part of Internet Explorer 7, and available as an add-in for the MSN Toolbar.
Let’s have a look at how the Phishing Filter works and see if we […]

Previous Entry

There is an excellent, albeit short, article about security for Linux users that is worth a quick read:http://www.viruslist.com/en/weblog?weblogid=186275723
I’ll leave you to read the entire article, and will only highlight pertinent quotes here:
“Pretty soon, it dawned on us exactly what the biggest threat to Linux systems is: the almost overwhelming belief in the invulnerability of Linux.”  […]

Next Entry

Archives