Trusted search software labels fraud site as 'safe'

Oops


Digital certificate firm GeoTrust's launch of a search engine with built in trust features this week has been marred by the classification of a phishing site as genuine. Powered by Ask Jeeves, GeoTrust TrustWatch search aims to protect users against fraudulent behaviour and phishing attacks by giving web sites a verification rating. It's a laudable aim, but the classification of a recently created phishing site as "verified as safe" raises serious doubts about the effectiveness of the technology. Such incorrect classifications create a false sense of security that can only play into the hands of would-be fraudsters.

The bogus site purports to represent the Metropolitan Credit Union. It's a crude facsimile of the real site, but TrustWatch assigns the dodgy site a trusted status. Netcraft doesn't score much better in assigning the same ropy site with a risk rating of only "one", a single notch above trusted.

After learning the site was bogus, GeoTrust quickly blacklisted the suspicious destination. To its credit, it also worked with the US hosting firm that unwittingly hosted the site to remove it from the net, but that still leaves the question of how a fraudulent site (screen capture below) came to be awarded a trusted rating in the first place.

Chris Bailey, CTO of GeoTrust, explained that the domain used by the site had previously been verified as trusted. "It's unclear if this phishing site was economically active. In any case, it's now been taken down by the hosting company. It seems there was an insufficient amount of vetting," he said. The url associated with the phishing site has been blacklisted while other sites on the domain have been stripped of their trusted status.

Fraudulent site screenshot

Bailey said that the false classification of a fraudulent site as trusted by TrustWatch was "rare" and said ours was the sole such report. He added that the firm had set up a mechanism for users to report problems and claimed that TrustWatch will become more reliable as more users come on board. Feedback is reviewed, forwarded to anti-fraud organisations, aggregated and may be used in future TrustWatch ratings. An estimated 100,000 users have downloaded beta versions of the software prior to the launch of TrustWatch, the third generation of GeoTrust's anti-phishing toolbar, on Monday (26 September).

The inappropriate classification of a bogus site illustrates the early teething troubles of anti-phishing technology that may take some time to resolve. This is a shame because we found GeoTrust's technology otherwise well designed and easy to use.

The software is free and comes either as a component to GeoTrust's anti-phishing tool bar for Internet Explorer (no Firefox version yet) or by visiting TrustWatch.com. User search results generate green, yellow and red verification symbols beside each search result. Sites that can be verified by trusted third parties receive a green 'verified' rating; sites that have not been verified, but are not known to be fraudulent, receive a yellow 'not verified' rating; and known fraudulent sites display a red 'warning' rating. For the record El Reg gets a far from reassuring "not verified" rating from GeoTrust. Netcraft, by contrast, gives El Reg the green light.

TrustWatch Search is based on GeoTrust's identity verification technology. In addition, TrustWatch Search also works with leading providers of blacklist data, such as Cyota and the Anti-Phishing Working Group, to alert warns consumers about potentially fraudulent sites.

As we've discovered, it's not quite as simple as that so it's just as well there are mechanisms in place to quickly deal with anomalies both for consumers to report suspicious sites and for the manual review of wrongly-classified sites.

GeoTrust's technology is touted as a way for consumers to both find and evaluate the reliability of ecommerce outlets. For example, users can type queries directly into the search box on the TrustWatch toolbar. The Ask Jeeves search engine will return relevant search results alongside TrustWatch ratings. TrustWatch Search also provides a 'Site Report' link via which users can click to get more information about web merchants based on information from BizRate (for Website reviews and store ratings), TRUSTe (privacy policy data), ScanAlert (security audits database) and Alexa (traffic rank information). ®


Other stories you might like

  • Firefox kills another tracking cookie workaround
    URL query parameters won't work in version 102 of Mozilla's browser

    Firefox has been fighting the war on browser cookies for years, but its latest privacy feature goes well beyond mere cookie tracking to stop URL query parameters.

    HTML query parameters are the jumbled characters that appear after question marks in web addresses, like website.com/homepage?fs34sa3aso12knm. Sites such as Facebook and HubSpot use them to track users when links are clicked, and other websites like YouTube use them to enable certain site features too.

    On June 28, Firefox 102 released a feature that enables the browser to "mitigate query parameter tracking when navigating sites in ETP strict mode." ETP, or enhanced tracking protection, encompasses a variety of Firefox components that block social media trackers, cross-site tracking cookies, fingerprinting and cryptominers "without breaking site functionality," says Mozilla's ETP support page.

    Continue reading
  • Old school editor Vim hits version 9 with faster scripting language
    All of the famed user-friendliness and ease of use, but 'drastically' better performance

    Old school editor fans, rejoice: some two and a half years after version 8.2, Vim 9 is here with a much faster scripting language.

    Vim 9 has only a single big new feature: a new scripting language, Vim9script. The goal is to "drastically" improve the performance of Vim scripts, while also bringing the scripting language more into line with widely used languages such as JavaScript, TypeScript, and Java.

    The existing scripting language, Vimscript, remains and will still work. Only scripts beginning with the line vim9script will be handled differently. The syntax changes are relatively modest; the important differences are in things like local versus global variables and functions, and that functions defined with :def will be compiled before they are run. This allows many errors to be caught in advance, but more significantly, compiled functions execute from 10× to 1000× faster.

    Continue reading
  • Iceotope: No need to switch servers to swap air-cooled for liquid-cooled
    Standard datacenter kit just needs a few tweaks, like pulling off the fans

    Liquid cooling specialist Iceotope claims its latest system allows customers to easily convert existing air-cooled servers to use its liquid cooling with just a few minor modifications.

    Iceotope’s Ku:l Data Center chassis-level cooling technology has been developed in partnership with Intel and HPE, the company said, when it debuted the tech this week at HPE’s Discover 2022 conference in Las Vegas. The companies claim it delivers energy savings and a boost in performance.

    According to Iceotope, the sealed liquid-cooled chassis enclosure used with Ku:l Data Center allows users to convert off-the-shelf air-cooled servers to liquid-cooled systems with a few small modifications, such as removing the fans.

    Continue reading
  • Gartner predicts 9.5% drop in PC shipments
    Stark contrast to 11 percent increase year-over-year in 2021 shipments

    The party is over for PC makers as figures from Gartner suggest the market is on course for a breathtaking decline this year.

    According to the analysts, worldwide PC shipments will decline by 9.5 percent, with consumer demand leading the way – a 13.5 percent drop is forecast, far greater than business PC demand, which is expected to drop by 7.2 percent year on year.

    The PC market in the EMEA region is forecast to fare even worse, with a 14 percent decline on the cards for 2022. Gartner pointed the finger of blame at uncertainty caused by conflicts, price increases and simple unavailability of products. Lockdowns in China were also blamed for an impact in consumer demand.

    Continue reading

Biting the hand that feeds IT © 1998–2022