A new, free browser add-in from English Internet services firm Netcraft Ltd. fights phishing attacks and helps users investigate sites they visit.
eWEEK.com tested the new tool bar, available initially only for Internet Explorer on Windows 2000 and Windows XP, and liked what we saw. All but one phishing link we visited was interrupted by a popup from the tool bar (click here to see a sample) and we used the built-in link to report the one site that the tool bar didnt block.
Once installed, the tool bar exists as an IE Explorer Bar, much like the Google tool bar, and coexisted well with other Explorer bars in our tests. (See the image of the tool bar below and click the image to see it within a browser window.)/zimages/6/94856.jpg
The tool bar has two buttons, both of which have links to other services by Netcraft, many of them free. The Netcraft button exposes other security functions, such as reporting a phishing site unknown to the tool bar and reporting false positives from the tool bar, as well as many statistical reports, such as which countries and hosting services have the most phishing sites.
/zimages/6/28571.gifFor insights on security coverage around the Web, check out eWEEK.com Security Center Editor Larry Seltzers Weblog.
Netcraft is most famous for its Web server survey, reporting which Web server software is most in use on the Internet. For this and other research, the company scans the Internet regularly and has built up a large database of sites and what is running on them. This data plays a key role in the function of the tool bar.
Beyond the two buttons, the rest of the tool bar displays information about the site being viewed in the browser. First is the date the site was first observed by Netcraft. There is also a ranking of the site by number of visits, presumably by users through the Netcraft site and software. Finally, the tool bar reports the hosting service or netblock owner.
Netcraft tracks phishing sites in its database and uses that data to block sites when users visit them. The company also uses some heuristic techniques to block practices often used by phishers to deceive users, such as including


