Internet security and social networking
Facebook, HTTP access, Internet security, network security phishing attack social networking, Phishing, social media, Symantec, Web security software
What network solution today in the market can block a phishing attack coming from social networking Facebook?
i.e. from Facebook, someone who "appears" to be a friend posts a phishing link via a message.
A typical web security solution, i.e. web reputation filtering, seems only blocking phishing websites based on their reputation.
I am thinking this would work if the solution scans the HTTP content in real-time. During the scan, it identifies a phishing link and block the HTTP sessions.
Or other solution? is this type of solution available from a vendor? Symantac, ScanSafe, or?
thanks
Richbiz
Software/Hardware used:
Software/Hardware used:
ASKED:
April 10, 2010 5:51 AM
UPDATED:
April 15, 2010 11:10 AM
Answer Wiki:
The on-access scan on most anti-virus applications will do this already. It will not block the website from loading, but it will detect and quarantine or delete the virus. When it gives you a notification of the virus, you should close the website.
-----
As stated above, anti-virus programs may include anti-phishing features.
Also, there are some stand-alone anti-phishing tools like <a href="http://www.comodo.com/home/internet-security/verification-engine.php">Comodo's VerificationEngine</a> (free) that could help in this matter. However, I don't know of any anti-phishing software that will remove suspicious links. Most of them will add some functionality to the browser to warn you or even block some sites when you navigate to them.
----
An effective security solution would not necessarily care the location of the actual link (Facebook in your example) but instead the destination. Of course, the key thing here is that for sites such as phishing sites that are very short-lived, they are never going to make it into a web filtering database. They will likely disappear before any vendor categorizes the site as malicious and updates their list.
A solution, such as ScanSafe, that is focused on content analysis (rather than just using a URL database or AV) and has capabilities to dynamically categorize these short-lived websites based on content on the site could be the best answer for you.
Disclosure: I work for ScanSafe. Please feel free to contact me if you have any other questions or would like more info on our solution.
To see all answers submitted to the Answer Wiki: View Answer History.
Want to clarify the answer….
I can see the virus or malware detection and blocking part…
But what if it is just a phishing attack? i.e. A phishing URL from a Facebook message links to a fake banking web site attempting to get your login info.
Can this be prevented?
One way I can see this can be prevented is if the content of a web site is scanned during real-time access. Assume the anti-phishing capability is in either network device or PC, it then detects a phishing URL in a Facebook page and remove the phishing URL with an alert.
Is there something today in the market I can take a look?
Thanks in advance
well best way to deal with getting too much head ache simply deny/block the facebook to protect your end-user or your network
An effective security solution would not necessarily care the location of the actual link (Facebook in your example) but instead the destination. Of course, the key thing here is that for sites such as phishing sites that are very short-lived, they are never going to make it into a web filtering database. They will likely disappear before any vendor categorizes the site as malicious and updates their list.
A solution, such as ScanSafe, that is focused on content analysis (rather than just using a URL database or AV) and has capabilities to dynamically categorize these short-lived websites based on content on the site could be the best answer for you.
Disclosure: I work for ScanSafe. Please feel free to contact me if you have any other questions or would like more info on our solution.