Original ExistDifferently.com Weblog of David, a Christian Network and Systems Manager, with topics ranging from Apologetics to Worldview, and some crypto, open source, programming, opinion, and daily life thrown in between.

Mon, 2006-10-02 (Oct 02)

Toss some Phish in the Tank!

Filed under: Blog,General,Internet,OpenDNS,phishing,Spam,Tech (General) — David @ 14:27

Created by the guys of OpenDNS goodness, PhishTank is a new site that lets you submit emails you’ve received and lets the community verify whether or not the phishing site is working, and if so it lets application developers query to see if a particular URL is a phishing scam or not!  As this grows, it should provide a resource for programs like Mozilla Thunderbird and others to detect scams and help keep the less-informed users out there better protected.

I like the fact that you can submit phish, help verify phish others have submitted, but also you can tell when phish you’ve submitted have been verified by others and what the status is.  Nice to be able to get some feedback to know you’re helping to make a difference with your submissions!

They also have a blog (who doesn’t) if you want to read the musings of the site’s creators.

Mon, 2006-07-10 (Jul 10)

OpenDNS: interesting phishing and typo protection

Filed under: dns,In The News,Internet,OpenDNS,phishing,Spam,Tech (General),typos — David @ 11:17

The owner of EveryDNS, David Ulevich, has come out with an interesting new solution to phishing scams and domain name typos: fix it at the DNS level, which I found in an article at Wired.

The new service is free and it’s called OpenDNS.  You use it by changing the DNS server addresses on your maching, router, or wherever you get your DNS settings from to use their two DNS server IPs.  Then, they do some filtering to correct typos such as typing existdifferently.cm, which they automatically fix into existdifferently.com.  They also monitor sites that try to pull of phishing scams and block the addresses of the sites requesting your personal information, so even if you click the link in an email (such as “your PayPal account has been marked for fraud, come enter all your bank accounts, credit cards, and social security number at this link so we can rob you blind!”), if OpenDNS knows about it and you click on the link, you’ll be blocked and instead get a webpage similar to the screenshot shown here.

 Sample OpenDNS Phishing Block

Where do they make their money? Eventually, they plan on offering advertising when you type in a domain name that doesn’t exist and they can’t correct.  For now, they just give you some search results.  This is different from VeriSign’s fiasco Site Finder (see the Wired article above for details), because you’re choosing OpenDNS, it’s not being forced on all internet users worldwide at the authoritative DNS server level!

Powered by WordPress