September 05, 2010  
Raising Awareness and Concern at the Computer
SEARCH
Current Headlines
Business Services
For Schools
For Non-Profits
What to Expect
Training Materials
Free Registration
On-Line Newsletter
Resource Directory
Resources on the Web
Archives
Contact the Staff
Home


   
 
  Product Reviews  
Spoof Stick : Untangling the URL
A small browser extension to help protect you from URL spoofers.
Wednesday, March 23, 2005
BY : Brian Ashe
An e-mail has just arrived claiming to be from your bank. You've been told that banks don't do this sort of thing and you should be wary of such missives. That's good thinking. However, something strikes you about this message. It is well written (no typos in it and it doesn't sound like it was written by someone in a first year English course), it contains all of your bank's logos and other symbols and the link has a URL that seems to actually go to your bank.

You ponder this for a moment and rationalize that you can't be hurt going to the site just to make sure that you aren't about to lose your service, even temporarily. Clicking on the link, you find a site that is definitely just like the one your bank usually has. Must be OK.

Or is it?

There is a helpful little tool to help you make sure that the site you think you are at is actually where you are. It's called Spoof Stick. Spoof Stick is available for both Internet Explorer and Mozilla Firefox.

Many of the phishing e-mails that are out there, have a tendency to obscure the address that you are actually at by using something like...
http://www.citibank.com@172.34.136.14/security.asp ?f=12&to=Qw78ufm0Lhh09.
This is quite cryptic to the average user and disassembling all that into something meaningful could be quite a chore. Do you actually know where you have just visited? You probably think it is Citibank. But you would be wrong. The location is actually at the IP address right after the @ symbol. This is only one of many techniques the phishers might use.

Spoof Stick does an excellent job of weeding out the garbage put in to confuse you and just gives you the core of the site's address that you are visiting. It is not a be-all-end-all, but it is improving and adding to it's ability to catch the tricks that are being used against you.

You can grab Spoof Stick at http://www.corestreet.com/spoofstick/

We give it a rating of : 4.3   StarStarStarStarHalf-Star
SpoofStick recognizes the false URL.
 
No ratings or reviews found. Be the first to Provide Feedback
 


Current Headlines  :: Business Services  :: For Schools  :: For Non-Profits
What to Expect  :: Training Materials  :: Free Registration  :: On-Line Newsletter
Resource Directory  :: Resources on the Web  :: Archives  :: Contact the Staff
Home

   

   © Copyright 2004-2010 Internet Self Defense™ Training and Conditioning