Enable your banking clients to prevent phishing attacks. Help them detect phishing websites effectively using the Snorkel Anti Phishing Toolbar.
Checking if a website has HTTPS and a lock at the bottom is not enough to identify phishing attacks. Phishing attacks are getting increasingly sophisticated and it is almost impossible for the casual user to identify phishing websites quickly and effectively. Phishing attacks most often culminate in identity thefts, and the resulting financial loss is often borne by the financial institutions, despite having very little control over their clients' online activities.
As a financial institution, empowering your clients to protect their identities can help:
Promote customer confidence in your brand.
Encourage more customers to use online banking and financial applications confidently, thus cutting costs .
Save financial institutions millions of dollars by preventing identity thefts.
How traditional Anti Phishing Toolbars work?
Traditional anti-phishing toolbars maintain a list of phishing website URLs and alert the user when he visits one of these sites. The effectiveness of these toolbars depends on:
Whether the provider has identified and documented every phishing site on the web.
How often the phishing site list is updated.
The integrity of the phishing site list itself.
Also, these toolbars do not protect the user from domain name hijacks.
How is Snorkel Anti Phishing Toolbar different?
Snorkel toolbar is PKI-based and allows the user to create a list of trusted sites. Once a trusted site is added to the list, it validates the website's SSL certificate, creates a hash of the certificate and stores it.
Every time the user visits that site, Snorkel toolbar verifies the stored hash with the hash of the current website certificate and alerts the user if there is a difference.
Why is this technique more effective?
The trusted list that Snorkel Toolbar maintains is closed and easily manageable as opposed to the open-ended list of phishing websites, which is difficult to update and maintain.
The user is alerted even if the trusted site's domain name is hijacked.
The integrity of the toolbar and the trusted site list itself is ensured by a unique digital signature, displayed on the toolbar as a string of 6 characters. This string is unique to each installation and the toolbar can not be compromised without changing the colour or characters in the string.
Using Snorkel Toolbar to detect phishing websites is easy!
Snorkel toolbar alerts users by showing four red lights if the domain name of a website they trust has been hijacked.
A website is shown in amber if its URL is not on the list of trusted website. This could either mean that the user did not trust that particular website or that the site is a phishing site.
A website is shown in green if it is trusted by the user and safe to visit. Since it is the user himself who creates a list of websites that he trusts, the toolbar protects the user from even the latest and evolving phishing websites.
Detecting attacks on Snorkel Toolbar
Note the string at the right hand corner of the toolbar. This string is unique to every installation. Any change in this string including colour or characters will indicate that the Snorkel toolbar trusted list has been compromised.
Odyssey Technologies Limited is the leader in PKI technology and e-security solutions in the Asia-Pacific region. Odyssey develops products and solutions for Internet transaction security and is recognized by the Controller of Certifying Authorities in India as a technology vendor. The company proudly supports the security needs of major banks and financial institutions in the Asia-Pacific region and has earned their trust as a reliable vendor.