What is Phishing?

The name 'phishing' has been derived from the notion of "fishing for information" and "phreaking". It is an act of fraud through which cyber-criminals use electronic communication to scam a user by claiming to be a legitimate organization or a trustworthy enterprise. This is done in order to coax the user into providing personal and financial information, like username, password, bank account details, credit card details etc. that can then be used in an identity theft. Multiple web sites are used by phishers but the most frequently used ones include PayPal, eBay, MSN, Yahoo, BestBuy, and America Online.

ZNetLive provides its customers with free 'Phishing Compromise Alert' service powered by Netcraft.

Why NetCraft?

The Netcraft phishing, identity theft and fraud detection service helps users in protecting their brand by proactively identifying fraudulent sites and possible attacks.

Netcraft first launched its anti-phishing system in 2005 and it defends a brand from phishing sites by blocking an attack following careful validation of community-reported phishing sites.

More than 8.5 million unique phishing sites have been detected and blocked by Netcraft's system till date [May 2014].

Netcraft provides continuously updated phishing feed that is used in all major web browsers by software developers and network administrators and it is also licensed by many of the leading anti-virus, content filtering, web-hosting, internet service providers and domain registration companies.

Netcraft's anti-phishing blocklist has been found to be the most effectual anti-phishing feed available by at least three separate third-party studies.

Netcraft's services give users round the clock alerts whenever a phishing page is identified on his website and he is instantly notified of its location in his website. This enables a user to quickly and effectively remediate a phishing attack.

Netcraft service is included as standard with the free SSL Certificate that ZNetLive provides to customers on annual billing.

Why does ZNetLive provide free phishing alert service with its SSL?

The scope of protection provided by an SSL certificate is limited to securing the to-and-fro data transactions from a website, however it is also vital to ensure the server side and website pages' security. For example, attackers often exploit vulnerabilities on customer's webserver to use his website to distribute viruses and steal confidential data from his customers, and to bury phishing attack pages deep into his website. If Google identifies a domain as one being used for such malicious activities, it blacklists it without any further notification.

Although a majority of phishing attacks run over HTTP, a considerable number of attacks have been found running on the sites with SSL certificates or on HTTPS. In July 2012 alone, Netcraft found phishing attacks using a total of 505 unique valid SSL certificates from widely trusted issuers.

Phishing Attacks on Sites Using SSL Certificates

During July 2012, Netcraft blocked hundreds of phishing sites which presented unique SSL certificates:

Comparison of Phishing Attacks On Sites with SSL Certificates Issued by Different CAs

Phishing attacks that make use of SSL certificates are very dangerous as most users associate the presence of a valid SSL certificate with an increased level of assurance. Thus, ZNetLive provides holistic protection to customers' complete online presence by providing free malware and Phishing detection software with SSL certificates validated by the most trusted CA –GlobalSign, so as to provide a complete security package for customer's website at no additional cost.