TippingPoint Releases Anti-phishing Tool

Monkeyspaw open source tool fingerprints phish sites

There’s a kind of “tyranny of good intentions” that often springs up around IT security problems.

Three years ago, the issue was spam, and we saw AOL, Earthlink, Microsoft, and a rogues’ gallery of other characters pile on with anti-spam tools. Remember MakeLoveNotSpam, the Lycos Europe screensaver program that DDoSed spammers while you idled? You get the idea.

These days the spam problem has settled into a state of miserable predictability, but phishing’s out of control. Lo! The anti-phishing tools pop up like dandelions. In fact, a recent Microsoft-sponsored study of browser-based anti-phishing products counted no fewer than eight. Now you can make that nine.

On Monday, TippingPoint, a division of 3Com, will announce Monkeyspaw, a phishing research tool that leverages the Greasemonkey scripting plug-in for Mozilla’s Firefox browser to spot phishing Web sites, which pose as legitimate Web sites and harvest personal information or distribute malicious code.

Monkeyspaw consolidates features for researching phishing Web sites into one interface, said Tod Beardsley, lead counterfraud engineer at TippingPoint. Those features include determining the owner of a Web server, collecting Web server configuration information, determining the location of the site, and reporting the site to CastleCops.

TippingPoint is giving the source code to the open source community and is encouraging others to build on the Monkeyspaw framework. TippingPoint is looking to the open source community to add features that improve reporting, analysis, and correlation of phishing data, Beardsley said.