Computer users are under constant threats from various computer and network sources. For example, a user may receive a communication such as an electronic mail (email) that includes a link to a particular web site or an embedded executable. Although many such web sites and executables present no threat to the user, consider the possible scenario. The user accesses a web site via an emailed link. The web site claims to be a legitimate entity (such as one known to the user) and requests important information (e.g., credit card, social security, or bank account number) from the user. The web site, however, is actually mimicking a legitimate site and has been setup to misappropriate personal information. Such a fraudulent activity is often referred to as phishing.
In another example, a user may receive executable code from a network destination such as a website or other source. Unbeknownst to the user, the executable code is or otherwise includes a malicious program such as a spyware, adware, Trojan horse, virus, worm, or keyboard-logging program. Such executable code is generally referred to as malicious software (malware), and oftentimes poses a significant threat to the security of the user's computer system and/or personal information. Users also face other possible threats, including fraudulent domain names pretending to be legitimate entities, web sites that sell deceptive products or services, and network sources that generate spam, pop-up ads, and other undesirable activities.
One technique for mitigating the threats is to install security appliances (e.g., hardware firewall), as well as security software (e.g., antivirus, software firewall) to detect the presence of worms, viruses, and other malicious programs. However, such tools fail to properly inform, or at least under inform the user as to the nature of perceived security threats. For example, if a particular threat is unknown to the local tools, no action is taken and no reporting to user is carried out.
What is needed, therefore, are techniques that allow a user to make an informed decision regarding a potential threat from a source.