PhishTank data’s so good, it’s the standard
posted by Allison on November 14th, 2006 in API, Data, Firefox, PhishTank, SiteChecker
Everyone who has ever submitted a phish to or verified a phish for PhishTank deserves a pat on the back today. Congrats to all of you for contributing to the phishing data source chosen by Mozilla to compare phishing protection in Firefox 2.0 to Internet Explorer 7.
That’s right. You read correctly. Mozilla chose PhishTank over all of the other phishing data source sources available to test the effectiveness of new phishing protection features in the two browsers.
The way the testing worked is this: Mozilla contracted third-party evaluator Smartware to track Firefox 2.0 and IE7’s respective accuracy rates in identifying phishing scams. The same scams that were originally netted and verified by you.
In the end, Firefox 2.0 found and blocked 243 phishing Web sites that IE7 failed to identify, and was deemed the better of the two at keeping you safe from phishing.
Brian Krebs of Washington Post went into greater detail about the testing, and mentioned PhishTank SiteChecker, a Firefox extension.
Though we admittedly have Firefox and Internet Explorer on the brain today, we urge everyone making a browser to use PhishTank data (API, Data File, Check URL Method).
Leave a response below, or send a trackback from your own site.
Awesome we got mentioned….
Aww…only one sentence. Oh well. Today The Washington (that’s where I live!) Post wrote an article on Mozilla testing phishing protection in IE7 and Firefox using data from phishtank.com (Rant: if only they tested the browser with this add…
PhishTank’s data was used because it is independent, which is mostly a bad thing. I appreciate the tongue-in-cheek nature of “PhishTank data’s so good, it’s the standard”, because if the data is not shared and used then the communities efforts are wasted.
Lloyd, why is the independence of PhishTank’s data “mostly a bad thing”??
Curious,
John
Wouldn’t it be a better result if both browsers had caught 100% of the phishing sites in PhishTank’s database?
Absolutely, Lloyd, I’d like every browser to catch 100%. We hope that every browser maker uses every tool at their disposal — including PhishTank, where the data is free — to catch phishing sites.
No one here is complacent, or pretending that PhishTank is capturing and classifying every phish on the Internet (although we can dream!). Just thrilled, overall, that the data is proving useful to many, in different ways.
While reporting phishing spam via Spamcop.NET (don’t use .com!), I add the phishtank URL of the entry to “Additional notes” of host as “Phishing, see” and I have found they care about it way faster.
I also used phishtank URL reporting a phish to Yahoo (their signin) and they cared about it very fast.
So, you are quickly becoming “reference” just like Spamcop
Thats all very nice and exciting. Hopefully this project will continue for a long time. These days, security solutions are coming and going at a very speedy rate. One point which got my attention is the _very_ low rate of false positives, I see on phishtank. That means not false submissions but rather the “is a phish” rated entries. So far it looks like phishtank is _very_ trustable and thats very amazing for a FREE site.
Keep up the good work!
[...] As we mentioned over on the PhishTank blog, Mozilla, maker of Firefox, announced today it selected PhishTank data as the benchmark for comparing phishing protection in Firefox 2.0 and Internet Explorer 7.0. This is a big deal, considering the number of phishing-data sources to choose from. [...]