CloudCodes AntiPhish
Phishing attacks have been increasing a lot in last few years as more and more users rely on online services. Hackers and attackers use phishing as the method to extract the confidential access credentials from the users using the fake website and email to users to declare their username and password.
To prevent the phishing attack a lot of efforts are required both from the IT and user side like implementing some expensive solution to detect the links of the phishing URL and then block it. On the user side its the effort to educate them on how to identify the phishing email and websites. CloudCodes has built a browser extension based solution to protect the users of Gmail and Google Apps users to prevent them from the Phishing attacks. The solution provides the ability to the IT admin to report the phishing URL to our central database so that all the users across the globe get benefit from the central phishing database
How it works
CloudCodes AntiPhish is cloud based architecture, the architecture is designed to evolve the ability of the protection over a period of time.
CloudCodes AntiPhish has two main database, one is the active Phishing URL database which is a constantly growing database running on a highly scalable No-Sql database which gets the feeds from 3 sources,
- Phishtank.com which is part of OpenDNS and has and maintains a strong pool of constantly updated Phishing URLs across the world
- OpenPhish is also another organization which also maintains a constant database of the Phishing URLs from across the world
- Users of AntiPhish can report the newly found phishing URL directly to us using the extension on the browser and once these phishing URLs are reviewed by our Moderators and Reviewers it moves to the active phishing database to protect our users, also we submit these URLs back to Phishtank and OpenPhish to help the community
Once the user installs the extension on the browser, the extension will get active when the user clicks any link on the Gmail (Free Gmail and Google Apps), while the page loads AntiPhish extension communicates to our backend to check if the URL is in the Phishing Database, if found we overlay it with a warning message making the user aware that its a phishing site ahead, and also offers more information about what is phishing.
We have 3 different types of users who can contribute to improve the Phishing Database on a on-going basis,
- End user – This is generally the end user who would install the extension or system admin would install the extension for the user, The end user also has the ability to submit the phishing URL using the extension
- Registered Users – Registered users are those who would like to identify themselves with some level of knowledge about Phishing and security, ideally IT users, System admins, Security officers etc should sign up as registered users. These users when they submit the Phishing URL its flagged as a priority URL so that it would be reviewed first and would require less votes to move the URL to phishing database.
- Moderators – Moderators are like registered users but would get one more function which is to review the URLs submitted by users and registered users. These users would be notified by email to review the new URLs submitted on said frequency
So install the extension , and all the IT and technical people register so that we can jointly improve and fight against the phishing attack for Gmail and Google Apps users.