CipherTrust launched a new free service, PhishRegistry.org, that aims to help alert companies when their Web sites are mimicked for fraudulent purposes.
Companies can register their Web sites with the service and CipherTrust will monitor the Internet to look for possible unauthorized duplicate sites -- e.g. those sites that have content very similar to the registered company's site. Duplicate sites would undoubtedly be used for phishing activity. When a duplicate is detected CipherTrust will alert the legitimate company about the duplicate site. The purpose is to help company's gain as much early warning as possible about potential phishing attempts against their customers.
Individuals can also register sites as PhishRegistry.org. For example, someone might register their bank's Web site. However in those cases CipherTrust will not alert the person who register's the site since they are not the legitimate site owner.
In order to detect possible duplicate Web sites CipherTrust invented a proprietary technique they Phisherprinting. The technique involves a method of determing the probable match of any two given Web sites via automation. The company introduced Phisherprinting technology at the MIT Spam Conference on Tuesday, March 28.
"Online fraud is a race between the bad guys, who rush to post false sites to snare unsuspecting users, and the good guys - e.g. legitimate businesses protecting their brand and their customers," said Dr. Paul Judge, chief technology officer at CipherTrust. "Think of PhishRegistry.org as a neighborhood watch that dramatically speeds the pace at which organizations are notified of phishing attempts. \[The service offers\] a significant advantage in the race to ensure trust in the Internet and in online communications."