Update:  According to CNET, we learn that MS is using WholeSecurity’s technology for the antiphishing component.  The security space is a small world, and we know the guys from Wholesecurity and respect them.  But I admit to being a little bummed they didn’t go with Cloudmark’s, which I’m a big fan of.

In IE 7, MS plans to have a new antiphishing tool.  It looks to be a combination of hueristics (guessing), the use of online reputation services (hmm) and user feedback (good).

They just publishing a whitepaper, available here

“The focus of this white paper is to describe the basic workings of a new capability, the Microsoft® Phishing Filter, that will be included in the upcoming release of Internet Explorer 7. The Microsoft Phishing Filter will not only help provide consumers with a dynamic system of warning and protection against potential phishing attacks, but — more important — it will also benefit legitimate ISPs and Web commerce site developers that want to try to ensure that their brands are not being “spoofed” to propagate scams and that their legitimate outreach to customers is not confusing or misinterpreted by filtering software.”

From the whitepaper:

·        The first level of warning (yellow) signals to users that if the Phishing Filter detects a Web site which contains characteristics similar to a phishing site, Internet Explorer 7 will display next to the address bar a yellow button labeled “Suspicious Website.” Clicking on the yellow button reveals a warning that users have landed on a suspected phishing Web site and recommends that they avoid entering any personal information on the site.

·        The second level of warning (red) automatically blocks users from a Web site if it has been confirmed as a known phishing site and displays a red button labeled “Phishing Website.” When users land on a known phishing site (based on an online list of sites that are updated several times every hour), Internet Explorer 7 signals the threat level (in red) and automatically navigates them away from that site to a new page. This warning page offers users the option to close the Web page immediately or proceed at their own risk to the phishing site.  

 

Here’s a tip. Download Cloudmark’s free and killer antifraud toolbar (Cloudmark is a business partner of ours and we like ‘em).  I wonder why Microsoft didn’t just license that? 

 

Alex Eckelberry
(Thanks to Bespacific)