Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


05:45 AM
Connect Directly

PhishTank Looks to Expand

PhishTank's operators are looking for a few good developers to expand and grow the anti-phishing site

PhishTank, the neighborhood watch Website for phishing exploits, is preparing to cast a wider net.

The community-watch anti-phishing site has opened up the site to developers to help it expand and improve on key features, such as how it reports phishing exploits to affected ISPs.

"I want PhishTank to be the best site it can be," says David Ulevitch, CEO of OpenDNS and the founder of PhishTank. Ulevitch has put out an all-points-bulletin for developers to step up and help carry PhishTank to the next level. (See Phishers Launch Zero-Day Exploits and A First Look Into the PhishTank.)

PhishTank has grown from around 2,400 active members in its first month to more than 10,000 after three months. It's tough to gauge exactly how much PhishTank has made an impact in the phish fight, but PhishTank has found more than 35,000 phishes thus far. It's gotten some key commercial attention as well: PhishTank is integrated into the latest version of the Opera browser; and Mozilla used PhishTank data in its comparison testing of Firefox's anti-phishing feature versus Internet Explorer 7's.

PhishTank's approach is different than other anti-phishing initiatives, because users post fishy items to the indie site, and PhishTank "verifiers" -- which include Ulevitch himself -- determine and vote on whether it's a phish and report back with their results and alerts. This approach lets users and consumers become part of the anti-phishing process.

The downside is it's still a blacklisting strategy, which spammers now bypass using botnets, notes Tod Beardsley, lead counter-fraud engineer for TippingPoint. That has led anti-spam efforts to start conducting more content-analysis to stem spam, he says.

"I like PhishTank, and I like OpenDNS. I know that their product has been working well, and rivals the commercial blacklist services that are out there," he says. But "my hope is that this expansion is really an effort to get going in that analysis direction, since merely expanding the blacklists isn't going to cut it for much longer."

Ulevitch, meanwhile, says the time has come to beef up PhishTank. He's heard rumblings on mailing lists for new features and upgrades, including simplifying the verification process, for instance. "I'm looking for fresh perspectives, so we're bringing in outside folks that might bring in fresh energy and ideas."

Does this mean Ulevitch and OpenDNS would hand off the management of PhishTank to another organization? "We're happy to keep it. But ultimately, PhishTank will be best if a community of people shape its direction and drive its features."

Which "community" might adopt PhishTank? It's not clear. "It's a lot of hassle to build a nonprofit, but there are Internet organizations out there that are good at adopting projects," he notes.

PhishTank is looking for both experienced and newbie developers who want to work on its PHP and MySQL environments, and Ulevitch says he expects this to increase its collaboration with other anti-phishing projects. "We frequently share information with CastleCops," he says. "By opening PhishTank to outside developers, the end result will be more collaboration" with other such initiatives.

— Kelly Jackson Higgins, Senior Editor, Dark Reading

  • OpenDNS Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

    Recommended Reading:

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Newest First  |  Oldest First  |  Threaded View
    COVID-19: Latest Security News & Commentary
    Dark Reading Staff 8/10/2020
    Researcher Finds New Office Macro Attacks for MacOS
    Curtis Franklin Jr., Senior Editor at Dark Reading,  8/7/2020
    Hacking It as a CISO: Advice for Security Leadership
    Kelly Sheridan, Staff Editor, Dark Reading,  8/10/2020
    Register for Dark Reading Newsletters
    White Papers
    Cartoon Contest
    Current Issue
    Special Report: Computing's New Normal, a Dark Reading Perspective
    This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
    Flash Poll
    The Changing Face of Threat Intelligence
    The Changing Face of Threat Intelligence
    This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    PUBLISHED: 2020-08-12
    The ALPS ALPINE touchpad driver before 8.2206.1717.634, as used on various Dell, HP, and Lenovo laptops, allows attackers to conduct Path Disclosure attacks via a "fake" DLL file.
    PUBLISHED: 2020-08-12
    Sonatype Nexus Repository Manager OSS/Pro before 3.26.0 has Incorrect Access Control.
    PUBLISHED: 2020-08-12
    search.php in the Nova Lite theme before 1.3.9 for WordPress allows Reflected XSS.
    PUBLISHED: 2020-08-12
    PHP-Fusion 9.03 allows XSS via the error_log file.
    PUBLISHED: 2020-08-12
    PHP-Fusion 9.03 allows XSS on the preview page.