The latest highly sophisticated DHTML Phishing attack targets Web Page Content.
New York, 13th January 2005. The latest Phishing attack against a top US banking group utilises the "DHTML Edit Control" functions within Internet Explorer to create a highly sophisticated and authentic looking ‘login’ web page. The attack sets up a web page and pipes the “spoofed content” directly into the page, fooling many anti-phishing tools. Comodo, the worlds 2nd largest, fastest growing Certification Authority, provides a portfolio of patent pending Anti-Phishing products and services to Enterprise customers looking to mitigate the risks involved by the exploitation of brand identity attacks.
The patent pending, VerificationEngine uses new X509 compliant CVCs (Content Verification Certificates) developed by Comodo’s Research & Development team that provide for digitally signed “unspoofable web content.” The authenticity of content such as brand graphics and logos viewed with the free VerificationEngine Internet Explorer plug-in can now be verified in real time.
Deploying CVCs on key pages where ‘trust and assurance of content’ is essential (e.g. Home Pages, Account Login Pages etc) affords enterprise clients protection now and into the future. Developed and tested by Comodo’s global Research and Development operations, the CVC architecture is not dissimilar to the highly successful and extensively proven SSL based e-commerce framework used today. However, where the SSL model of trust underpins the framework of the Internet, CVCs provide trust in the actual content of the web page itself.
With consumer confidence being tested daily by ever more realistic Spoofed web sites and Phishing scams Comodo offers a range of free tools to protect against these attacks. (Secure E-mail, AntiPhishing, AntiSpoofing)
“We all know the adage ‘seeing is believing’, however within the virtual world of the Internet this does not always ring true, so here at Comodo we’ve added a caveat ‘Seeing is believing, but only with Verification Engine’.” comments Steve Roylance, Vice President of Global Technical Marketing for Comodo
The increasing frequency and sophistication of Phishing scams means that almost everyone using the Internet is a potential victim. However, there are 3 simple ways to avoid being caught in a Phishing Net and protect your online identity.
* Be suspicious of any email with urgent requests for personal financial information. Unless the email is digitally signed you can't be sure it wasn't forged or 'spoofed'. (Comodo offer free certificates for personal use and a full Enterprise PKI manager for business use).
* You should only communicate information such as credit card numbers or account information via a secure website or the telephone. To ensure that you have a secure SSL session use the free VerificationEngine tool which verifies the SSL session and other properties of site. Combine this with the free Trusttoolbar plug in and you will also be able to identify the end entity running the site, plus the origin of any pop-up adverts that may appear.
* Finally - to protect your identity and personal information ensure you have a solution which defends you from external attacks whilst on-line. Comodo offer free 30 day trails of both Trustix Personal Firewall and Trustix AntiVirus, allowing you to be free from hackers, viruses, spyware, Trojans and other forms of malware which you will encounter whilst connected to the internet. More specific details and solutions for enterprise level deployment can be found on www.trustix.com
# # #
About Comodo
Comodo is an industry-leading provider of information security, management and communication technologies. They create innovative and practical solutions for the SMB, enterprise, home, e-commerce, education, healthcare and governmental markets. Through its Infrastructure Solutions product line, the company endows its customers with a competitive advantage by providing a superior suite of enterprise security, networking and productivity solutions covering perimeter security, VPN, Mail and LAN. Other core technologies include intrusion detection, SSL certificates, content filtering, end-point security and access management. They offer a comprehensive portfolio of solutions that comprise the industry's best combination of security, performance, intuitive interface and value.
Comodo is the world's fastest growing provider of critical infrastructure solutions and can be reached at (US) +1 800 772 5185 (Europe) +44 (0) 161 874 7070
