> The malware and phishing system does a pretty good job of detecting
> phishing sites like this, which we get notified of via SafeBrowsing

SafeBrowsing is a great system, but it ultimately relies on savvy users telling us that a site is phishing. Some scams are sufficiently good that the majority of users don't notice. For instance, the paper I linked found that some phishing attacks had a greater than 90% success rate. Anecdotally, I've manually reported two Facebook-related phishing scam sites (by the same people) that didn't enter SafeBrowsing for multiple days, probably because they were very sophisticated and not enough users reported them as phishing.

I agree that the biggest problem with negative indicators is false positives, though given that a good phish needs to be very close to the real website, I suspect a regex/phrase-based approach could be pretty well tuned. Phishers would of course tweak their site until the warnings did not trigger, but they'd have to deviate significantly from the real site, which should lower their success rate with high-profile targets like banks or Facebook.

I disagree that the padlock animation would be adding visual noise. The existing static padlock is already visual noise - people don't understand it, so replacing it with something more noticeable that is harder to forge can only increase its effectiveness. It also provides an opportunity to educate the user a bit - if the padlock animation includes the words "Secure" or "verified to be yourbank.com" or whatever, they don't have to remain on the screen permanently ... they could fade out after a few seconds in such a way that it's obvious where to click to learn more or get them back (e.g. a bubble). That way the meaning of the padlock becomes more obvious and it doesn't rely on people getting the (fairly ropey) analogy.
