Engin Kirda
Christopher Kruegel
Phishing is a form of online identity theft that aims to steal sensitive information such as online banking passwords and credit card information from users. Phishing scams have been receiving extensive press coverage because such attacks have been escalating in number and sophistication. According to a study by Gartner, 57 million US Internet users have identified the receipt of e-mail linked to phishing scams and about 2 million of them are estimated to have been tricked into giving away sensitive information. AntiPhish is a Mozilla [Firefox] browser extension that aims to protect users against spoofed web site-based phishing attacks. To this end, AntiPhish tracks the sensitive information of a user and generates warnings whenever the user attempts to give away this information to a web site that is considered untrusted.
top
AntiPhish is a research prototype. Hence, we do not provide a complete user guide (yet). If you have any questions, feel free to contact the authors.
This paper gives a pretty good overview of the tool and describes how it works:
Engin Kirda and Christopher Kruegel, Protecting Users agains Phishing Attacks with AntiPhish, 29th Annual International Computer Software and Applications Conference (COMPSAC 2005), Edinburgh, Scotland, July 2005
[download]
If you are already using Mozilla extensions, then ignore this part of the document. If you are new, keep reading: First, download AntiPhish and store it somewhere on your computer. Next, press CTRL-O (or go to the File menu item and then choose Open). Pick the AntiPhish extension file you've just downloaded. You will see a dialog where you can press the Install button. That's it.
top
AntiPhish is an application that is integrated into the web
browser. It keeps track of a user's sensitive information (e.g., a
password) and prevents this information from being passed to a web
site that is not considered ``trusted'' (i.e., "safe").
The development of AntiPhish was inspired by automated form-filler
applications. Most browsers such as Mozilla or the Internet Explorer
have integrated functionality that allows form contents to be stored
and automatically inserted if the user desires. This content is
protected by a master password. Once this password is entered by
the user, a login form that has previously been saved, for example,
will automatically be filled by the browser whenever it is
accessed. Antiphish takes this common functionality one step further
and tracks where this information is sent.
After AntiPhish is installed in Firefox, it creates two menu
items: You'll find it in the Tools menu and in the pop up menu when you
press the right mouse button (check out the screenshots). Using the
AntiPhish menu items, you can activate or deactivate it and cache information that you
would like to be protected against phishing attacks.
AntiPhish is licensed under the Mozilla Public Licence Version 1.1.
Follow this link to get AntiPhish: AntiPhish Version 0.1 (antiphish.xpi)
top
AntiPhish was designed and written by Engin Kirda and Chris Kruegel.
Email: E.Kirda+antiphish@infosys.tuwien.ac.at
Email: chris+antiphish@infosys.tuwien.ac.at