This invention relates to providing a system for verifying the authenticity of entities on a network.
“Phishing” is the fastest growing form of identity theft. Phishing is typically facilitated through the use of fake websites, called “phishing websites”, designed to trick website visitors into divulging confidential information such as login IDs, passwords, etc. Phishing results in both financial and brand name losses; and the financial services industry has suffered great losses. Experts believe phishing is having the effect of “slowing the growth of online banking and commerce” because of eroding consumer confidence in the authenticity of financial and e-commerce websites.
In 2003, the FDIC reported U.S. financial losses attributed to phishing exceeded five billion U.S. dollars. The Federal Trade Commission reported that 2 million U.S. Internet users experienced some form of phishing-related fraud during the 12-month period ending April 2004.
Phishing usually involves luring web users to respond to fake/counterfeit email or spam, which is often designed to appear as genuine correspondence from a bank, financial institution or other reputable online business. Phishing may also include ensnaring users to visit a phishing website. Since the phishing website may be a nearly identical copy of the actual website, the user will then willingly, but unwittingly, provide his login credentials which will be captured by the phishing website. This information will then be later used by the phisher to fraudulently derive benefit of the account information. Victims of such scams may be unaware that any phishing has occurred because the phishing website will redirect the user to the actual website using the login credentials previously supplied by the user.
Phishers have many other methods of fooling web users. These methods include the following.
Altering DNS records to redirect traffic intended for the authentic website to the phisher's website. This is also known as DNS poisoning, DNS spoofing or sometimes pharming.
Phishers can also spam emails which contain hyperlinks that use the domain name of the targeted website but use the IP addresses of the phisher's website; and phishers rely on at least a portion of the recipients to not check the ownership of the IP address.
Phishers may design spam email containing many hyperlinks to the targeted website, but just a few to the phisher's website, for example, the link to post the username and password. Most users will not notice that only a few of the links actually point to the phisher's website.
Phishers can develop viruses, spyware or other programs that can be inadvertently loaded onto a user's computer and manipulate the local DNS software by, for example, entering a DNS record that will cause that particular user's web browser to connect to the phishing website whenever the user attempts to connect to the targeted website.
Phishers can register common typos of the domain name owned by the targeted website, and when someone inadvertently incorrectly types the domain name, they will be presented with a nearly identical phishing website.
Phishers can use multi-byte encoding techniques, such as Unicode, to make the hyperlink URL appear to point to the targeted website, however, it actually will send the user to the phisher's website. This technique is sometimes known as IDN spoofing.
Phishers can use features and programming inconsistencies in the user's web browser to cause the address bar of the web browser to display the website of the targeted website, but the content display in the browser is from the phisher's website. One particularly difficult type of phishing attack is called the “man in the middle” attack. In this type of phishing attack, the user is lured to a phishing website. The user is prompted for their credentials. The phisher then acts as a proxy and passes the credentials on to the targeted website. Any response that the user expects from the true targeted website may be passed back to the user by the phisher who again will act as a proxy. This method of phishing is difficult to prevent. Other techniques are constantly being developed, and this list is not exhaustive of the techniques and methods that phishers use to trick users into providing credentials that prove their identity.
Despite such prevalent tactics, there has not yet been developed a system for adequately protecting users and authentic website businesses against fraudulent transacting exemplified in the above types.