Phoiling Phishing at WWW2006

If you’re at the WWW2006 conference here in beautiful Edinburgh Scotland, you’ve probably seen a number of great presentations already such as yesterday’s discussion on Identity Management featuring Kim Cameron from the Infocard team. Today (Friday) I’m sitting on a panel called Phoiling Phishing hosted by Harvard Researcher Rachna Dhamija, where we’ll focus more specifically on the issue of Phishing and techniques browsers can implement to “phoil” the attacks. I hope you’ll come to discuss if you’re here.

-Rob Franco

Comments (6)

  1. Hello,

    I have focused on another aspect of Phishing regarding security issues introduced with Internationalized Domain Names (IDN). The following paper gives an overview of address spoofing attacks and how to specifically deal with the emerging risk of IDN spoofing. I have also implemented and tested the proposed ideas in my free IE add-on Quero.


  2. tako says:

    Sorry for my ignorance, but what is Phoiling Phishing?

  3. EricLaw [MSFT] says:

    @Tako: This could be rewritten "Foiling fradulent web sites".  Using a "ph" instead of a "f" is a fairly common thing in hacker circles.

  4. Dave says:

    Phishing is definitely a geek term, you should use a more descriptive term in all IE UI.

    If someone see’s a phishing filter and doesn’t know what the term is, how will the feature help them? (and also they’ll probably think that someone in the team can’t spell ‘fishing’)

  5. Pacero says:

    I mean, that more of pishing end when email communication will be secured and more of spam be filtered at SMTP layer e.g. by SPF or another technology.