Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo


Unsupported browser: Your browser does not meet modern web standards. See how it scores »

{ action.text }

Revealing Phishers
A new approach ­reliably identifies fraudulent websites.

Source: “Fighting Phishing with Discriminative Keypoint Features”
Kuan-Ta Chen et al.
IEEE Journal of Internet Computing
13(3): 56-63

Results: Software designed by researchers at the Academia Sinica in Taiwan can recognize websites designed to trick people into revealing information such as passwords and bank-account numbers, a scam known as phishing. In tests, the system recognized these sites between 95 and 98 percent of the time.

Why it matters: It’s been estimated that phishing costs Americans a billion dollars a year or more. Methods for identifying phishing sites have been developed, but existing techniques don’t catch them all. The new approach promises to identify these sites more reliably.

Methods: Because phishers usually try to fool users with fake Web pages that look like genuine pages from eBay, PayPal, or some other target site, the researchers focused on a page’s appearance rather than its content. Their system examines common target sites and identifies “keypoints”–points in an image that can still be recognized even if the scammer changes colors or adds distracting elements. It then compares new sites that a user visits with the pattern of keypoints on common target pages. If the patterns prove too similar, the pages are flagged as possible phishing sites.

Next steps: The researchers are developing a browser plug-in that uses their system to warn people when they may have reached a phishing site.

0 comments about this story. Start the discussion »

Credit: Fink Lab/MIT

Tagged: Computing, Web

Reprints and Permissions | Send feedback to the editor

From the Archives


Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me