Today, through networks such as the Internet, there are intruders, hackers, unauthorized users, and programmed devices trying to break into other computers, servers, firewalls, routers, PDAs, cell phones, game consoles, and other electronic devices that are connected to the network. For example, website servers, other devices, and users may send a virus, a worm, adware, spyware, or other files to another electronic device on the network. The files may cause the other device to run some malware (e.g., backdoors, worms, trojans, etc.) that may initiate a network connection to other equipment, such as a web server, to spread a virus, to get another virus, to send confidential information to others, and/or to perform other undesirable actions. It is desirable to detect and prevent these actions from happening.
A file is often delivered by email, such as through a web-based email system. Although email messages typically include an identifier of the sender in a “From” field, it may be difficult to ensure that the sender identifier is valid. For instance, the From field of a phishing email may include an email address with a sender's domain name that appears to indicate a legitimate financial institution's email server. A user may have difficulty determining whether the sender identifier is authentic. In other cases, a network device may request access to a client device to deliver a web page, a pop-up advertisement, or other data. A domain name of the requesting network device may indicate a legitimate financial institution's server. Some security software provides a message with address information to a user. The user may choose whether to accept the request. However, many users have difficulty determining whether the sender's address information is authentic.
Another undesirable activity is referred to as phishing. The term phishing is generally associated with attempts to obtain personal and/or confidential information for illegal or unauthorized purposes. Typically, a deceitful person or organization sends one or more emails including a hyperlink to a phishing website that enables a user to enter personal and/or confidential information. Internet phishing websites make people believe that they are entering a real official website of a corporation or other organization. These phishing websites typically accomplish this by making their website look like official websites. General users then give out personal/confidential information without realizing that they have submitted the information to a phishing website, the operators of which may use the information for illegal or unauthorized purposes. The phishing website usually uses a uniform resource locator (URL) with a domain name that is very similar to that of the real official website. The domain name is also sometimes referred to as a domain name address (DNA). For example, a phishing website may use a DNA like www.paypal.billing.com to make people think this is an official website of Paypal, Inc. The underlying internet protocol (IP) address of the official-looking domain name generally routes the user to the phishing website rather than to an official website of the authentic company. Alternatively, the phishing website may use the official company domain name as the text of the hyperlink, but use the phishing website's IP address as the hyperlink's target. When the user clicks on the hyperlink in the email or on a web page, the user is directed to the phishing website rather than to the official website.
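As an added illustration (not part of the original text), the two link tricks described above can be checked mechanically: a brand name placed in a subdomain of an unrelated domain, and a link whose visible text shows the official domain while its target is a bare IP address. The brand map, the sample links, the finding labels and the two-label `registrable` shortcut are assumptions of this example.

```python
import ipaddress
from urllib.parse import urlsplit

# Assumed brand -> official registrable domain (constructed for this example).
OFFICIAL = {"paypal": "paypal.com"}
# Constructed (visible text, href) pairs; 203.0.113.7 is a documentation address.
SAMPLE_LINKS = [
    ("www.paypal.com", "http://203.0.113.7/login"),
    ("Update billing", "http://www.paypal.billing.com/update"),
    ("www.paypal.com", "https://www.paypal.com/signin"),
]

def host_of(value):
    """Host of a URL or bare host name; None if the text is not host-like."""
    value = (value or "").strip()
    if "." not in value or any(c.isspace() for c in value):
        return None
    try:
        return urlsplit(value if "://" in value else "http://" + value).hostname
    except ValueError:
        return None

def is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def registrable(host):
    # Simplification: last two labels. Real code needs the Public Suffix List.
    return ".".join(host.split(".")[-2:])

def check_link(text, href):
    """Return findings for one hyperlink's visible text and target."""
    target, shown, findings = host_of(href), host_of(text), []
    if not target:
        return findings
    if is_ip(target):
        findings.append("href-is-ip")
    if shown and shown != target and (is_ip(target) or registrable(shown) != registrable(target)):
        findings.append("text-href-mismatch")
    for brand, official in OFFICIAL.items():
        if brand in target.split(".") and registrable(target) != official:
            findings.append("brand-in-subdomain:" + brand)
    return findings

def audit(links):
    return [check_link(text, href) for text, href in links]
```

Running `audit(SAMPLE_LINKS)` flags the first two links and leaves the third, which points at the official domain, without findings.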
Resources on the internet or other network have their own unique IP address. Organizations, including companies, private organizations, government agencies, and the like are assigned their own unique IP address or a range of IP addresses. The same holds true for a phishing website. The phishing website, or other network node, cannot fake its IP address to be somebody else's official IP address due to the Internet IP network routing mechanisms. Even a phishing website has to use its own IP address in order for people to get to the phishing website. It is with respect to these and other issues that the invention is directed.