Phishing Sites

wasgij6 · July 4, 2012, 4:43am

I was just wondering how powerful siteinspectors detection capabilities are for phishing sites? has anyone tested them out. Does siteinspector have its own detection capabilities or does it just check with google etc for advisories

With the many sites i tested it did not detect them.

http://siteinspector.comodo.com/public/reports/4791939
http://siteinspector.comodo.com/public/reports/4791965
http://siteinspector.comodo.com/public/reports/4791969
http://siteinspector.comodo.com/public/reports/4791985
http://siteinspector.comodo.com/public/reports/4792000

miloszcz · July 4, 2012, 11:23am

During checking SI is looking for some public blacklists like phishtank.

vadim · July 4, 2012, 12:09pm

Just third-party services for now, like PhishTank, Urlblacklist etc.

We plan to build Comodo users feedback (votes) sub-system in the future.

wasgij6 · July 4, 2012, 6:23pm

im surprised SI didnt detect these phishing sites since i got all them from phishtank.

thanks

wasgij6 · July 4, 2012, 6:24pm

thanks for the answer, sounds like a great addition to SI

vadim · July 5, 2012, 7:38am

Some of these sites already detected as phishing by SI:
http://siteinspector.comodo.com/public/reports/4807198
http://siteinspector.comodo.com/public/reports/4807115

The others are not confirmed by PhishTank or by other trusted system yet.

Chiron494 · July 5, 2012, 1:38pm

Can you please let me know exactly which lists it uses?

Thanks.

vadim · July 6, 2012, 12:02pm

PhishTank API: PhishTank > Developer Information
GSB API: Google Safe Browsing | Google Developers
UrlBlacklist: http://urlblacklist.com/?sec=search

Chiron494 · July 7, 2012, 5:20pm

Thank you.

trscsaeg · November 1, 2012, 4:04am

are you guys planning to use more 3rd party black list

vadim · November 1, 2012, 7:51am

Yes, we plan to expand such sources. One of the interesting source we plan to use is a Yandex Safe Browsing:

victorh2007 · February 9, 2013, 6:53pm

As a CIS user I miss a friendly way to give feedback to Comodo about the phishing sites I come across.
I’d like Comodo could count with a service like Phishtank where I can log and send samples of Phishing sites.
PCMag has recently reviewed both CIS Premium and CIS Complete showing excellent results.
But at the same time they criticized Comodo for the poor detection of phishing sites, specially the new ones.
Comodo counts with millions of users around the world and could easily ask them to send samples of phishing sites through an online form that certainly would improve a lot CIS detection rates of this kind of threat. This information can also improve detection of Comodo DNS secure service.
Well, this is my suggestion as a Comodo fan!

miloszcz · February 9, 2013, 7:46pm

Hello,
if you come accross any phishing site that you would like to submit, then:

scan it with Comodo WebSite Inspector ( http://app.webinspector.com/ )
If it is not detected, submit it as a Phishing site. ( http://i.imgur.com/Lwk0ErL.jpg )
WI blacklists ( Website Malware Scanner | Online Website Virus and Malware Scanner ) are used to feed DNS blacklists. Probably, after that, Comodo Secure DNS should be blocking that site (if maliciousness of that site will be approved by Comodo’s analyst).

victorh2007 · February 9, 2013, 8:05pm

Thanks a lot for having replied my question very fast!
I’ll follow your instructions from now on!
It is a pleasure to help Comodo and its team. I’ll try my best to help you as much as I can notifying you about phishing sites and malwares not detected by Comodo Internet Security.

All the best for you!

Black_Angel · November 10, 2013, 4:12pm

phishing