New Anti-Phishing Technology Invented

A young man from Massachusetts, working for the Department of Public Health as a day job, is designing a piece of software that has the potential to put a serious dent in the practice of phishing, a criminal activity that costs US internet users about $200 million each year. Ben Jackson’s software, known as “Crows Nest,” keeps an eye out for domain name registrations of websites that might be used for phishing, and keeps users alerted.  His proxies are from In the future, it might be a useful tool for law enforcement authorities. Phishing, for those of you who don’t know, is the practice of imitating a legitimate online business to get someone’s login information. For example, someone might send out a spam email telling users that they need to attend to urgent business on PayPal. Upon clicking the link, they will be taken to a website designed to be a careful imitation of the real PayPal site, perhaps with a URL of, or something similar. The unsuspecting user would type his email address and password into the box, hit login, and the damage would be done. The phisher could then use his login information to get into the real PayPal, and, say, send a thousand dollars to his own account. Although companies like PayPal go to great lengths to educate their users about the menaces of phishing, there remain enough sufficiently gullable people for phishing to be quite profitable. Crows Nest would work by looking for registrations of sketchy domain names, such as the previous example of “”, and would alert the user when it found them. It would use the Mark Alert, a paid tool offered by Name Intellegence, Inc, to keep track of newly registered domains, and search through the list with keywords. Using a simple logic script, it would then rank them, singling out ones that looked particularly dangerous. It would provide a list of these, potentially weeks before the actual sites went up. Combined with proper law enforcement attention, the problem could be almost completely nipped in the bud. Although there are already anti-phishing technologies in existence, none of them are this effective and far reaching. Most current approaches primarily rely on education, teaching consumers not to give out their username and password unless they are sure they are sure they are giving it to the right party. As the internet gets more fully developed, security gets tighter, but new possibilities open up. Although new and greater menaces may loom ahead, it would be wonderful if phishing could become a problem of the past. Congratulations, Ben Jackson!

Leave a Reply

Your email address will not be published. Required fields are marked *