cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
BambooCZ
Strollin' around
Status: New idea

Recently I saw a video (in Czech language, sorry) where a guy describes an elaborate fraud. It is basically a form of phishing combined with caller id attack (phone calls are part of it). The new thing is that they are using believable domain names for the attack.

My idea is to create and keep an open list of genuine websites (anyone can add his website) which are juicy subjects for phishing (government, offices, banks, ...) and create a logic which evaluates if the current domain resembles a domain from this list and displays a warning.

Improved version could be to enable this via a header or meta tag when the user first visits my genuine website. This could lower operation costs since there would be no global list but the list would be created on the fly. I am not vulnerable to phishing if I don't use the genuine service at all.

Bonus points would be to evaluate the page visual and compare it to the genuine visual. Using AI, probably.

What do you think?

2 Comments
Status changed to: New idea
Jon
Community Manager
Community Manager

Thanks for submitting an idea to the Mozilla Connect community! Your idea is now open to votes (aka kudos) and comments.

chompito
New member

Thanks for proposing this. For a very long time I been thinking that this is needed.

In away this is like a "black list of names (?) of fishing sites."

Great idea!!!