9. HOW ANTI-PHISHING SOFTWARE WORKS
Anti-phishing software consists of computer programs that attempt to identify phishing content contained in websites and e-mail. It is often integrated with web browsers and email clients as a toolbar that displays the real domain name for the website the viewer is visiting, in an attempt to prevent fraudulent websites from masquerading as other legitimate web sites. Anti-phishing functionality may also be included as a built-in capability of some web browsers.
Common phishing tactics take advantage of a visitor by requesting them to link out to another site, asking that they enter personal information and passwords, or redirecting them to another site completely for registration. The process usually begins by sending out a forged e-mail that looks like it was sent from the company. Some tactics include saying an account has expired and needs to be up verified. Many banking and financial institutions become targets for these types of scams, and they can be a considerable threat to millions of account holders and users.
Many leading web browsers and software programs have realized the impact of this trend, and have created programs that can limit the frequency of these types of scams. Microsoft Windows Internet Explorer 7, Firefox 2.0, Google Safe Browsing, and Earthlink ScamBlocker are just a few programs that have reduced the risks involved.
In Firefox 2.0, Phishing Protection is always turned on and checks the sites automatically for any potential risks or hazards. The list is reviewed on a regular basis, and can be configured to Firefox Security settings for maximum control. When Phishing Protection is enabled, the sites are downloaded into a list and checked for any anti-phishing services. A warning sign will appear if any suspicious activity is detected. The Netcraft toolbar makes use of a risk rating system, allowing you the option of entering a password (or not). TrustWatch makes the Internet Explorer toolbar, and can help validate a Web site and provide a site report when needed. This option also allows you to review all suspected sites and find out which ones use SSL technology. Earthlink Toolbar with ScamBlocker will verify any popup messages that you may encounter as you visit a site, and can help you find out all the details on current phishing scams.
Anti-phishing software is designed to track websites and monitor activity; any suspicious behaviour can be automatically reported, and even reviewed as a report after a period of time. Anti-phishing toolbars can help protect your privacy and reduce the risk of landing at a false or insecure URL. Although some people have concerns over how valuable anti-phishing software and toolbars may be managed by the browser program. Other companies that are trained in computer security are investigating other ways to report phishing issues; programs are being designed that can analyze web addresses for fraudulent behavior through new tactics, and cross-checking domain names for validity.
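The toolbar behaviour described in this section (show the real domain, cross-check it against known names) can be sketched as follows. This is an added example, not code from any of the products named above; the TRUSTED list, the function names and every hostname are constructed placeholders, and the two-label domain rule is a simplification.

```javascript
// Added example: toolbar-style assessment of a link's real domain.
// TRUSTED is a constructed allowlist; all hostnames below are placeholders.
const TRUSTED = ["examplebank.test", "example.org"];

const isIpLiteral = (host) =>
  /^\d{1,3}(\.\d{1,3}){3}$/.test(host) || host.startsWith("[");

// Simplification: treats the last two labels as the registrable domain.
// A production tool would consult the Public Suffix List instead.
function registrableDomain(host) {
  return isIpLiteral(host) ? host : host.split(".").slice(-2).join(".");
}

function assessUrl(raw, trusted = TRUSTED) {
  let url;
  try {
    url = new URL(raw);
  } catch {
    return { host: null, domain: null, verdict: "invalid", reasons: ["unparseable URL"] };
  }
  const host = url.hostname.toLowerCase();
  const domain = registrableDomain(host);
  const reasons = [];

  if (url.username || url.password) reasons.push("userinfo placed before the real host");
  if (isIpLiteral(host)) reasons.push("host is an IP literal, not a domain name");
  if (host.split(".").some((l) => l.startsWith("xn--"))) reasons.push("punycode (IDN) label in host");

  const known = trusted.includes(domain);
  if (!known) {
    for (const t of trusted) {
      if (host.includes(t)) reasons.push(`trusted name ${t} appears in host but real domain is ${domain}`);
    }
  }
  const verdict = reasons.length ? "suspicious" : known ? "trusted" : "unknown";
  return { host, domain, verdict, reasons };
}

// Constructed sample links, as a toolbar would see them on navigation.
for (const link of [
  "https://www.examplebank.test/account",
  "http://examplebank.test@203.0.113.7/login",
  "https://examplebank.test.login.example.net/",
]) {
  const r = assessUrl(link);
  console.log(`${r.verdict.padEnd(10)} real domain: ${r.domain}  ${r.reasons.join("; ")}`);
}
```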
10. CONCLUSION
No single technology will completely stop phishing. However, a combination of good organization and practice, proper application of current technologies, and improvements in security technology has the potential to drastically reduce the prevalence of phishing and the losses suffered from it. In particular:
• High-value targets should follow best practices and keep in touch with continuing evolution of them.
• Phishing attacks can be detected rapidly through a combination of customer reportage, bounce monitoring, image use monitoring, honeypots and other techniques.
• Email authentication technologies such as Sender-ID and cryptographic signing, when widely deployed, have the potential to prevent phishing emails from reaching users.
• Analysis of imagery is a promising area of future research to identify phishing emails.
• Personally identifiable information should be included in all email communications. Systems allowing the user to enter or select customized text and/or imagery are particularly promising.
• Browser security upgrades, such as distinctive display of potentially deceptive content and providing a warning when a potentially unsafe link is selected, could substantially reduce the efficacy of phishing attacks.
• Information sharing between the components involved in a phishing attack – spam filters, email clients and browsers – could improve identification of phishing messages and sites, and restrict risky behavior with suspicious content.
• Anti-phishing toolbars are promising tools for identifying phishing sites and heightening security when a potential phishing site is detected.
• Detection of outgoing confidential information, including password hashing, is a promising area of future work, with some technical challenges.
• An OS-level trusted path for secure data entry and transmission has the potential to dramatically reduce leakage of confidential data to unauthorized parties.
• Two-factor authentication is highly effective against phishing, and is recommended in situations in which a small number of users are involved with a high-value target. Device identifier based two-factor authentication offers the potential for cost savings.
• Cross-site scripting is a major vulnerability. All user content should be filtered using a let-in filter. Browser security enhancements could decrease the likelihood of cross-site scripting attacks.
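A let-in filter, as recommended in the last point, admits only what is explicitly listed and neutralises everything else. The sketch below is an added example, not code from the original text; the ALLOWED_TAGS list and function names are assumptions, and it deliberately lets in only attribute-less formatting tags.

```javascript
// Added example: a let-in (allowlist) filter for user-supplied content.
// ALLOWED_TAGS is an assumed policy: plain formatting tags, no attributes.
const ALLOWED_TAGS = ["b", "i", "em", "strong", "p", "br"];

const ENTITIES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };

// Step 1: escape every HTML metacharacter, so nothing is markup by default.
function escapeHtml(text) {
  return text.replace(/[&<>"']/g, (ch) => ENTITIES[ch]);
}

// Step 2: restore only exact, attribute-less occurrences of allowed tags.
// Anything else (script, img, event-handler attributes) stays inert text.
function letInFilter(input, allowed = ALLOWED_TAGS) {
  const escaped = escapeHtml(String(input));
  const tagRe = new RegExp(`&lt;(/?)(${allowed.join("|")})&gt;`, "gi");
  return escaped.replace(tagRe, (_, slash, name) => `<${slash}${name.toLowerCase()}>`);
}

// Constructed sample inputs, as they might arrive in a comment field.
const samples = [
  "<b>hello</b> <script>track()</script>",
  '<b onclick="x()">hi</b>',
  "<IMG SRC=x>",
  "&lt;b&gt; typed literally",
];
for (const s of samples) {
  console.log(JSON.stringify(s), "=>", JSON.stringify(letInFilter(s)));
}
```

A tag carrying any attribute is not let in, so its opening tag is shown as text while a bare closing tag may still pass; the result can be unbalanced markup but never active content.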