1. Field of the Invention
The present invention relates to the protection of computer system users. More particularly, the present invention relates to a method and apparatus for providing protection from phishing attacks.
2. Description of Related Art
Phishing is a term used to describe the actual or attempted theft of a user's private information. For example, an e-mail falsely claiming to be from an established merchant is sent to a user in an attempt to trick the user into surrendering private information that will be used for identity theft. Typically, the e-mail directs the user to visit a web site, usually using a link provided in the e-mail itself, where the user is asked to update personal information, such as passwords, credit card numbers, social security numbers, and/or bank account numbers, that the legitimate merchant already has. The web site, however, is not the legitimate site; it is a malicious look-alike site set up only to steal the user's information.
Although one example of a phishing attack is described above, there are many types of phishing attacks.
To protect users from phishing attacks, security applications such as anti-phishing applications have been developed. These security applications take protective actions when a user attempts to visit a known phishing site, e.g., a website. For example, the security applications block access to the phishing site, or at least provide a notification that the user is connecting with a known phishing site.
Security applications rely upon updates from security vendor update sites. These updates are an important component of the security applications. For example, as new phishing sites are discovered, new phishing Uniform Resource Locators (URLs) are distributed as an update to allow the security applications to protect users from the newly discovered phishing sites.
However, by the time phishing sites are discovered by security vendors, a user's private information may already have been stolen, often without the user even being aware that they were subject to a successful phishing attack. Often, the user doesn't become aware that they were subject to a successful phishing attack until the user becomes a victim of identity theft.
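The update-driven protection described above, and the gap it leaves, can be shown in a short sketch. This is an added example, not code from the patent; the class and function names, the matching rule (exact host and path, or a whole host when the entry's path is "/"), and the sample URLs and timestamps are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

def canonical(url):
    """Reduce a URL to lowercase host + path so trivial variants still match."""
    parts = urlsplit(url.strip())
    host = (parts.hostname or "").lower().rstrip(".")
    return host + (parts.path or "/")

class AntiPhishingClient:
    """Hypothetical client that only knows the phishing URLs it has been sent."""
    def __init__(self):
        self.blocklist = set()   # canonical forms of known phishing URLs
        self.history = []        # (time, url, verdict) for every visit

    def apply_update(self, urls):
        # A vendor update adds newly discovered phishing URLs.
        self.blocklist.update(canonical(u) for u in urls)

    def is_known(self, url):
        key = canonical(url)
        host = key.split("/", 1)[0]
        # Assumed rule: exact match, or whole-host entry stored as "host/".
        return key in self.blocklist or host + "/" in self.blocklist

    def visit(self, when, url):
        verdict = "blocked" if self.is_known(url) else "allowed"
        self.history.append((when, url, verdict))
        return verdict

    def missed_visits(self):
        # Visits allowed at the time that the current blocklist would now block.
        return [(t, u) for t, u, v in self.history
                if v == "allowed" and self.is_known(u)]

def run_timeline():
    """Constructed timeline: the visit at t=1 precedes the vendor update."""
    client = AntiPhishingClient()
    phish = "http://login.bank.example/update"   # constructed sample URL
    verdicts = [
        client.visit(1, "HTTP://Login.Bank.Example:80/update?id=7"),
        client.visit(2, "https://www.example.com/"),
    ]
    client.apply_update([phish])                 # update arrives after t=2
    verdicts.append(client.visit(6, phish + "#form"))
    return verdicts, client.missed_visits()

if __name__ == "__main__":
    print(run_timeline())
```

The visit at t=1 is allowed because the URL was not yet in any update; only the later visit is blocked, which is the exposure the preceding paragraph describes.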