Howis it possiblethatNortonclassifiesaPhishingSite as safe?Ihave received afakee-mailand it wasnot consideredto beSPAMandthesenderwas"INGBank" (not really of course).Whenopeningthe e-mailyou can click onalinkandyou have writeyour usernameand password. Of course it is toolateifyou do so.
Nortonsaysthat the site issafe and does notcontainphishing.Nortonsayson another (next) pagethat thesitehas not been tested.This of course a big mistake. How cannotgivethe advicethatthe siteis secure!Abigmistake and a blunderofthefirstorder.
Efforts by every organization that combats phishing are aimed at compiling a list of sites that are known or suspected to engage in phishing. The lists are always changing because phishing sites do not stick around for long. The average phishing site stays online from only a few hours to a couple of days. Nobody can possibly catalog all of the phishing sites that are operating at any given time. Anti-phishing organizations share information as sites are reported, but obviously new sites spring up all the time. There are several organizations that spearhead the tracking of phishing sites, but the list of known phishing sites is never complete.
Wrong answer, because that is not the problem! I understand you and the problems you explain. Why don't you try to understand the real problem and why do you not listen to me!
Again, how can Norton give (see image) the site is safe and Norton did not even test this site, That is not possible, a big mistake and wrong. The only thing what Norton has to say in this case is Site is not tested, warning, be careful or something like that.
I hopethatpeople in theNetherlandswho arethevictim's of a plundered bankaccount hold Symantecliablefordamages and all loss of their money.NortonInternet Security hasunequivocallystatedthat the site issafeand didn't hold any phishing (see image). Quilty as hell, a judge would say in the Netherlands!
We understand you are upset about this and we definitely sympathize with you. However it does not change that what SendOfJive told you is correct.
The indication that the site is "safe" as shown in your image only means that nothing was detected and one can click on Full Report for details.
I do agree that it would be better to show a ? instead of the OK symbol in a case where the site has not been tested but the OK indication still only indicates that no threats were "detected" and is never a guarantee of a websites safety.
You can feel free to suggest that the OK be replaced with a ? or some other indication by posting in the Norton Ideas Forum.
Finally it is not advised to click on links from within an email unless it comes from a highly trusted and known personal source.
I do not agree with you. I never said or wrote that the first reply was not correct and I even wrote I understand that and have no problems with that.
The problem is that Norton says the site is safe and contains no phishing and thisindicatesthatSafeWebiscompletelywrongof course,nonsense,inventedon the spotandablunderofthefirstorder.Notest, don't drawany conclusionswhatsoever!
The Hulk didn't mention, that the phishing site was a test.
On Pcwebplus.nl (a dutch forum for computer and mallware problems) was a discussion that NIS could catch all phishingsites.
I didn't agree....
So I've build a phishingsite and have send a few volunteers a phishing mail.
The phishing website was online for only 15 minutes, in order to protect my domain. There was no way that NIS or any other IS could recognize the website, because the online time was to short.
The story of safeweb is a bit sloppy, but even if Norton had reviewed my domain. It would had given the safe sign....
The discussion on pcwebplus can be found here. A English translation can be found here (google translate ;) )
If you have any questions don't hesitate to contact me.
I do not agree with you. I never said or wrote that the first reply was not correct [ ... ]
Gosh, someone hacked your first reply then because it begins with:
<< Wrong answer, because that is not the problem! I understand you and the problems you explain. Why don't you try to understand the real problem and why do you not listen to me! >>
which apart from anything else is rude and condescending to someone trying to deal with your complaint.
Thank you for the clarification, Lord-Vladimir. In one sense, The_Hulk is correct that it does not matter that this was a test, because what you did was essentially what most phishing sites do - pop up online for a short amount of time and then disappear. Most detections of phishing sites are based on reported instances that are compiled into shared lists by anti-phishing organizations. The phishing sites just do not stay up long enough to be visited and tested in a systematic way. Norton and Internet Explorer use heuristics to try to spot unknown phishing attacks, but of course the rules to convict cannot be overly strict, or the number of false positives at legitimate sites would be a serious problem.
I think the issue that The_Hulk raises is that Norton declares "This site is safe" to mean only that no phishing has been detected. To my mind this means no reports of phishing have been logged for the site by any of the organizations that track such things, and heuristics has not seen anything suspicious enough to warrant a conviction. However, I am sure that many people, like The_Hulk, feel that "This site is safe" would imply some sort of guarantee that the site, which may have only been up for 15 minutes, has been fully analyzed and studied.
I do think that by declaring "This site is safe" Norton suggests an absolute determination has been made, when in fact, the way phishing sites operate and are detected, nothing can be stated with such certainty. So The_Hulk's criticism of Norton's Antiphishing detection misses the mark, but his point that the wording of the site rating information could mislead people into believing a phishing site is actually safe has a lot of validity.
Thankyouvery much SendOfJive.You're theonly one whounderstands the real issue. Thewholepoint isthatyou must never give aconclusionoroutcomewhen the site is not tested. Never write in that screen 'Site is safe', 'No phishing detected'. It isn't wright, it's wrong, you don't know, it's fantasy, fiction etc. etc.
When people read 'Site is safe', they automatically think, okay, it's safe, there is no danger.
The point is, that people like The_Hulk demand that your software protects them against everthing.....
That they can click on every shady link and nothing wil happen to them.
The truth is, that you are always running 1 or 2 steps behind scammers, mallwarewriters, etc
The safeweb is a bit sloppy and the idea of a questionmark is not that bad. Show the people that Norton hasn't tested the website yet. This would give a greater value to the site witch already been tested.
But make sure that the data is correct! There are some big fails in you 'white' list! Click!
Internet safety starts with your own eyes and guts, every AV is just a web with some gaps in it and won't protect you against the dangers of the internet.
As for The_Hulk....
He found out how the real world works and that made him a bit green and blatant. Just like the real thing
Edit:
Quote Hulk:
Never write in that screen 'Site is safe', 'No phishing detected'. It isn't wright, it's wrong, you don't know, it's fantasy, fiction etc. etc.
Please stop crying.
No phishing detected was correct, NIS couldn't know it was a phishing site. Why? Because I know the rules and made the site not recognizable as a phishingsite..... The same with the phishing Email, are you gonna accuse your ISP for not recognize it as spam? Have you written Spamassasin yet? Welcome to the real world!
@Lord-Vladimir, you told me I was telling lies and you were correct. I say Norton is telling lies by giving the statement 'Site is safe'. But as in the past Microsoft, Symantec and even you don't listen to ordinary people and users of sofware. You are better, know more and stand above people. I give a **** and give a **bleep**, because I'm honest and work for a good course.
Of course I'm very disappointed. I'm using several Norton products, Norton Utilities, NIS, Norton 360 and Ghost. But when a product tells me lies, it's over.
I do stand above people, I do know more and I'm better then everybody else!
But there is no reason to attack Norton and scream like a little child. You claim to be a scientist, please behave like one and do your research. You will see, that no AV can meet your standards.
The issue here is proper system design. Norton shows a visual clue - green - to indicate a site is safe. Yes, additional detail is provided but is the average PC user going to go through the additonal effort of really doing the additional checking? The answer in most cases is no. Is this not a piece of sotware sold as "the savior of the masses?"
Fix the problem, Symantec. This isn't freebee software where you have to take what you get. This is paid subscription software and pricey at that.
Oh many of us understand what you say more clearly now in a few words than in all the rest of your emotes.
This point has already been raised by some of us and I suggest you could usefully post in the Norton Ideas Forum since that is precisely intended fo posting suggestions on improvements, new products and so on. Have a look through the existing posts there and if you find it has been posted then add a Kudos to the first message since that is what Norton keeps an eye on, and we are told that that Norton Ideas Forums area is monitored by many more of Norton management than are active here in the forums.
This point has already been raised by some of us and I suggest you could usefully post in the Norton Ideas Forum since that is precisely intended fo posting suggestions on improvements, new products and so on. Have a look through the existing posts there and if you find it has been posted then add a Kudos to the first message since that is what Norton keeps an eye on, and we are told that that Norton Ideas Forums area is monitored by many more of Norton management than are active here in the forums.
And that, gentlemen, is your job.
I don't use any products of Norton. My commen sense and Avast has kept me safe for years.
Every bit of software has its flaws and instead of shouting "The piece of software sucks!" you can contribute the mistakes and help to make a better product.
Norton is reliable, but you still need a bit of commen sense!
Thankyouvery much SendOfJive.You're theonly one whounderstands the real issue. Thewholepoint isthatyou must never give aconclusionoroutcomewhen the site is not tested. Never write in that screen 'Site is safe', 'No phishing detected'. It isn't wright, it's wrong, you don't know, it's fantasy, fiction etc. etc.
When people read 'Site is safe', they automatically think, okay, it's safe, there is no danger.
Hi The_Hulk,
Incorrect, I understood perfectly from the start what your complaint is and even agreed to the point that it would be better for it to show a ? or something instead of OK or safe so that it is more readily visible without having to drill down in the details. This is also why I suggested posting in the Norton Ideas forum.
Honestly, the problem I had with your approach is that you seem to be approaching this from a negative and vindictive standpoint intead of a more positive approach whereby you make your point and then use "positive" encouragement to try and effect a change. This is what posting on the Norton Ideas forum accomplishes.
I think you will find that your point goes over better when approached this way instead of statements you made like the following:
I hopethatpeople in theNetherlandswho arethevictim's of a plundered bankaccount hold Symantecliablefordamages and all loss of their money.NortonInternet Security hasunequivocallystatedthat the site issafeand didn't hold any phishing (see image). Quilty as hell, a judge would say in the Netherlands!