Phishing is a huge problem and several companies have stepped forward to provide some form of protection. One popular approach is the use of a browser toolbar add-on to help provide a visual cue that alerts people to potential phishing sites. The typical approach of such toolbars has been to use a continually updated database of known phishing sites that is referenced transparently to the user each time a new site is visited. The toolbar then alerts the user upon detection of a phishing site.
TraceSecurity developed a different and rather obvious approach to the problem. Instead of looking for known phishing sites their new TraceAssure Toolbar works by looking for legitimate Web sites by matching domain names to IP addresses. The toolbar uses a database maintained by TraceSecurity that contains the IP addresses and domain names of legitimate Web sites that belong to financial institutions, such as banks, and other organizations.
When a user visits a Web site then the associated domain name and IP address are cross-referenced against TraceSecurity's database. If there is a mismatch then users see a red bar that contains the word "Malicious." If the IP address and domain name match then users see a green bar that contains the word "Authenticated" along with the complete name of business.
"We created the TraceAssure program to protect the customers of organizations that maintain confidential information. Where most blacklist anti-phishing solutions fail, TraceAssure cannot be fooled," said Jim Stickley, CTO of TraceSecurity.
TraceAssure Toolbar is available as a free download and is compatible with Internet Explorer on Windows, and Firefox on Windows, Mac OS X, and RedHat Fedora.