02-14-2011 03:31 PM - edited 02-14-2011 03:49 PM
How is it possible that Norton classifies a Phishing Site as safe? I have received a fake e-mail and it was not considered to be SPAM and the sender was "ING Bank" (not really of course). When opening the e-mail you can click on a link and you have write your username and password. Of course it is too late if you do so.
Norton says that the site is safe and does not contain phishing. Norton says on another (next) page that the site has not been tested. This of course a big mistake. How can not give the advice that the site is secure! A big mistake and a blunder of the first order.
Biggest mistake ever made in history by Symantec!
02-14-2011 04:33 PM
Efforts by every organization that combats phishing are aimed at compiling a list of sites that are known or suspected to engage in phishing. The lists are always changing because phishing sites do not stick around for long. The average phishing site stays online from only a few hours to a couple of days. Nobody can possibly catalog all of the phishing sites that are operating at any given time. Anti-phishing organizations share information as sites are reported, but obviously new sites spring up all the time. There are several organizations that spearhead the tracking of phishing sites, but the list of known phishing sites is never complete.
02-14-2011 05:12 PM - edited 02-14-2011 05:23 PM
Wrong answer, because that is not the problem! I understand you and the problems you explain. Why don't you try to understand the real problem and why do you not listen to me!
Again, how can Norton give (see image) the site is safe and Norton did not even test this site, That is not possible, a big mistake and wrong. The only thing what Norton has to say in this case is Site is not tested, warning, be careful or something like that.
I hope that people in the Netherlands who are the victim's of a plundered bankaccount hold Symantec liable for damages and all loss of their money. Norton Internet Security has unequivocally stated that the site is safe and didn't hold any phishing (see image). Quilty as hell, a judge would say in the Netherlands!
02-14-2011 08:47 PM
We understand you are upset about this and we definitely sympathize with you. However it does not change that what SendOfJive told you is correct.
The indication that the site is "safe" as shown in your image only means that nothing was detected and one can click on Full Report for details.
I do agree that it would be better to show a ? instead of the OK symbol in a case where the site has not been tested but the OK indication still only indicates that no threats were "detected" and is never a guarantee of a websites safety.
You can feel free to suggest that the OK be replaced with a ? or some other indication by posting in the Norton Ideas Forum.
Finally it is not advised to click on links from within an email unless it comes from a highly trusted and known personal source.
Just sharing my thoughts on the matter.
02-15-2011 02:44 AM
I do not agree with you. I never said or wrote that the first reply was not correct and I even wrote I understand that and have no problems with that.
The problem is that Norton says the site is safe and contains no phishing and this indicates that Safe Web is completely wrong of course, nonsense, invented on the spot and a blunder of the first order. No test, don't draw any conclusions whatsoever!
02-15-2011 03:50 AM
The Hulk didn't mention, that the phishing site was a test.
On Pcwebplus.nl (a dutch forum for computer and mallware problems) was a discussion that NIS could catch all phishingsites.
I didn't agree....
So I've build a phishingsite and have send a few volunteers a phishing mail.
The phishing website was online for only 15 minutes, in order to protect my domain. There was no way that NIS or any other IS could recognize the website, because the online time was to short.
The story of safeweb is a bit sloppy, but even if Norton had reviewed my domain. It would had given the safe sign....
If you have any questions don't hesitate to contact me.
02-15-2011 05:21 AM - edited 02-15-2011 05:22 AM
Norton Safe Web fails miserably
It was a test but the results are obvious. It could easily happen in practice. Even worse, it's practice!
02-15-2011 09:44 AM
I do not agree with you. I never said or wrote that the first reply was not correct [ ... ]
Gosh, someone hacked your first reply then because it begins with:
<< Wrong answer, because that is not the problem! I understand you and the problems you explain. Why don't you try to understand the real problem and why do you not listen to me! >>
which apart from anything else is rude and condescending to someone trying to deal with your complaint.
02-15-2011 09:55 AM - edited 02-15-2011 09:59 AM
Thank you for the clarification, Lord-Vladimir. In one sense, The_Hulk is correct that it does not matter that this was a test, because what you did was essentially what most phishing sites do - pop up online for a short amount of time and then disappear. Most detections of phishing sites are based on reported instances that are compiled into shared lists by anti-phishing organizations. The phishing sites just do not stay up long enough to be visited and tested in a systematic way. Norton and Internet Explorer use heuristics to try to spot unknown phishing attacks, but of course the rules to convict cannot be overly strict, or the number of false positives at legitimate sites would be a serious problem.
I think the issue that The_Hulk raises is that Norton declares "This site is safe" to mean only that no phishing has been detected. To my mind this means no reports of phishing have been logged for the site by any of the organizations that track such things, and heuristics has not seen anything suspicious enough to warrant a conviction. However, I am sure that many people, like The_Hulk, feel that "This site is safe" would imply some sort of guarantee that the site, which may have only been up for 15 minutes, has been fully analyzed and studied.
I do think that by declaring "This site is safe" Norton suggests an absolute determination has been made, when in fact, the way phishing sites operate and are detected, nothing can be stated with such certainty. So The_Hulk's criticism of Norton's Antiphishing detection misses the mark, but his point that the wording of the site rating information could mislead people into believing a phishing site is actually safe has a lot of validity.
02-15-2011 10:29 AM
Thank you very much SendOfJive. You're the only one who understands the real issue. The whole point is that you must never give a conclusion or outcome when the site is not tested. Never write in that screen 'Site is safe', 'No phishing detected'. It isn't wright, it's wrong, you don't know, it's fantasy, fiction etc. etc.
When people read 'Site is safe', they automatically think, okay, it's safe, there is no danger.