Wednesday, October 12, 2005

CallingID fights Web fraud

NETWORK WORLD NEWSLETTER: M. E. KABAY ON SECURITY
10/11/05
Today's focus: CallingID fights Web fraud


By M. E. Kabay

Many online frauds depend on deceiving victims into trusting a
Web site and revealing confidential information such as credit
card numbers.

Phishing frauds, for example, use deceptive e-mail messages to
trick people into visiting Web sites whose URLs are
misrepresented as trustworthy ones (e.g., the classic use of
"paypal" labels for URLs that are actually in some
under-regulated and under-policed country where governments
don't even pretend to follow the rule of law). Other frauds
simply use nice-sounding domain names (e.g., the spate of
Katrina-related Web sites that arose after the hurricane
disaster) but are actually run by crooks who steal the money
outright.

One of the ways to help spot fraud is to find out who has
registered a particular Web site; this knowledge does not
prevent all fraud, but it is a useful step forward. If you are
looking at a site that claims to be in Ohio but the owner lives
in the Moldovan Republic (no offense to Moldovans intended),
maybe everything is not as it appears.

In previous columns, I've mentioned the free utility SamSpade
v1.4 <http://www.samspade.org/> which, among other things, makes
"whois" lookups of DNS information quick and easy.

Readers may also know that the free, open source Firefox Web
browser <http://www.mozilla.org/products/firefox/> from Mozilla
has an "extension" (add-in) called "whois 0.4" that can supply a
DNS lookup for each Web address being visited.

I've been trying out an add-in for Internet Explorer (IE) over
the last two months called CallingID <http://www.callingid.com/>
that does all that and much more.

I had the pleasure of speaking and corresponding with Yoram
Nissenboim, CEO of CallingID, the company that makes the
CallingID secure Web-browsing add-in product. Among other
things, CallingID provides automatic DNS lookups for all URLs. A
quick installation of this (currently) free product adds a new
bar to the IE window showing ownership information, including
geographical location for the Web site being visited.

However, as Nissenboim pointed out, "Whois information is very
unreliable. Everyone can write whatever he wants into DNS
records. CallingID has external sources beyond Whois to detect
the site owner and to verify that it is a real organization
located where it claims to be, in most cases automatically."

If any of more than 50 warning signs shows reason for suspicion,
the product alerts the user with an understandable pop-up; for
example, one test checks for anonymized owner information in the
DNS, and any such concealment flags the site as suspect.

The company has expanded its checking to incorporate known-good
sites from many sources such as the Better Business Bureaus,
certification authorities and Dun & Bradstreet; their database
now includes more than a million legitimate sites worldwide and
this information is provided almost instantly to users without
having to rely on DNS servers, thus maximizing performance. It
is noteworthy that some users have complained about slow DNS
lookups in various forums (here's a sample thread
<http://www.linuxquestions.org/questions/history/335170> ).

Nissenboim also pointed out that the company's tests verify such
technical security features as the validity of site certificates
or the use of encryption and explain the significance of these
factors in plain, non-technical language that allows the user to
judge the safety of interacting with the site. A particularly
valuable feature is that the product detects attempts to send
data to a destination on a different server than the one for the
Web site the user is visiting - an immediate reason for concern
about the legitimacy of the data transfer. As usual, CallingID
reports on the identity and trustworthiness of the ultimate
destination.
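
The form-destination check described above can be sketched as follows. This is an added example, not CallingID's code: the function names, the warning wording and the example.com/example.net hosts are all constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit


class FormCollector(HTMLParser):
    """Collect the action attribute of every <form> on a page."""

    def __init__(self):
        super().__init__()
        self.actions = []

    def handle_starttag(self, tag, attrs):
        if tag == "form":
            # A missing or empty action submits back to the page itself.
            self.actions.append(dict(attrs).get("action") or "")


def check_form_destinations(page_url, html):
    """Return one finding per form: where the data goes, plus warnings."""
    page = urlsplit(page_url)
    collector = FormCollector()
    collector.feed(html)
    findings = []
    for action in collector.actions:
        dest_url = urljoin(page_url, action)  # resolve relative actions
        dest = urlsplit(dest_url)
        warnings = []
        if dest.hostname != page.hostname:
            warnings.append("data leaves the site being visited")
        if dest.scheme != "https":
            warnings.append("submission is not encrypted")
        findings.append(
            {"destination": dest_url, "host": dest.hostname, "warnings": warnings}
        )
    return findings


# Constructed sample page (hypothetical hosts): one same-site form,
# one form posting to another server over plain HTTP, one with no action.
SAMPLE_URL = "https://shop.example.com/account/login"
SAMPLE_HTML = """
<form action="/session" method="post"><input name="user"></form>
<form action="http://collector.example.net/save" method="post">
  <input name="card_number"></form>
<form method="post"><input name="q"></form>
"""

if __name__ == "__main__":
    for finding in check_form_destinations(SAMPLE_URL, SAMPLE_HTML):
        print(finding["destination"], finding["warnings"] or "ok")
```

A mismatch is a prompt to identify the receiving host, not proof of fraud: legitimate sites also post forms to third-party payment or login services.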

In summary, and quoting the company CEO once again, "CallingID
is a tool that provides full risk assessment for users that send
personal or confidential information (such as password, credit
card details, etc.) over the Web. The tool shows them the
identity of the site receiving their information and alerts them
about any risk associated with the site they send data to and
the form they use."

This tool may be helpful in increasing resistance to phishing
scams, especially for novices. Nissenboim told me that his
company's recent survey of 110 users indicated that "55% stopped
sending data to a site following information provided by
CallingID." In my two-month trial, I saw no negative side
effects of the product.

Worth a try, I think, especially for naïve users.

Disclaimer: I have no financial interest in this company or
product despite this glowing review and had never met Nissenboim
before our correspondence and phone interview.

_______________________________________________________________
To contact: M. E. Kabay

M. E. Kabay, Ph.D., CISSP, is Associate Professor in the
Division of Business and Management at Norwich University in
Northfield, Vt. Mich can be reached by e-mail
<mailto:mkabay@norwich.edu> and his Web site
<http://www2.norwich.edu/mkabay/index.htm>.

New information assurance journal - Norwich University Journal
of Information Assurance (NUJIA). See
<http://nujia.norwich.edu/>
_______________________________________________________________
Copyright Network World, Inc., 2005
