Problems With Anti-Phishing

Blacklist Issue

• Some anti-phishing tools utilize blacklists to block malicious websites; such lists comprise fraudulent websites identified by the company and submitted by its users. The performance of anti-phishing tools depends largely on the accuracy of these blacklists. Some tools receive automatic blacklist updates from their sources, but others don't update that often, and when the blacklist isn't updated properly, it is impossible for the tools to identify phishing websites.

False Positive Rates

• False positive rates refer to phishing alerts for legitimate websites. Anti-phishing tools may come to falsely regard legitimate websites as phishing sites and keep sending you an alert after you are aware you are trying to visit a legitimate website. Users may disable the anti-phishing tools to avoid the false alerts, which can lead to problems from other sites.

Page Load Attack

• Some anti-phishing tools examine the content of web pages to determine whether it is safe, so you have to wait for this examination to finish while your page is loading. The phishing alert icon will change color from yellow to red when detecting a phishing website; if a page takes a very long time to load, the phishing alert icon won't change color until the examination is done, so, for example, you may have already input sensitive information to the questionable website.

Catch Rate

• No single technique will accomplish the anti-phishing task completely. Tools that use blacklists of dangerous sites have update and completeness problems, while those using a heuristic method can fail to recognize some known phishing sites. Tools, or combinations of tools, that use both blacklists and heuristic techniques can perform better.