Phishing sites usually do not run on \”known\” bad URLs. According to this study, 76% of the phishing sites on the internet are being run from compromised servers. IE7, OpenDNS, and most UTMs maintain anti-phishing blacklists, but if phishing sites are free to move around on compromised servers that also house legitimate sites, anti-phishing blacklists are of limited value. AGAIN, AWARENESS AND EDUCATION ARE THE FIRST LINE OF DEFENSE. We also cannot depend upon AV software to protect the unwary. This book excerpt shows a phishing attack from August, 2008 that slipped a trojan past 34 of 37 popular AV software packages (including NOD32). AV is part of the arsenal against attacks, but it is far from bulletproof. If your doctor prescribes Lipitor for your high cholesterol, you should take it – but that does not guarantee that you will never have a heart attack (credit for that analogy goes to Scott Ledyard).
Dennis H in West Virginia, US
March 4, 2009