A Google patent application from this morning describes a process of presenting an image overlay and disabling links on Web pages that are determined to likely be sites involved in attempting to masquerade as trustworthy to collect sensitive information from visitors, such as passwords or financially sensitive information.
Browser system and method for warning users of potentially fraudulent websites
Invented by Cynthia Y. Kuo, Fritz J. Schneider and Collin E. Jackson
US Patent Application 20070130327
Published June 7, 2007
Filed: December 5, 2005
A user is warned of a potentially fraudulent document, such as a webpage, by a warning message that is overlaid on top of the document and of the browser chrome. The warning message is associated with a warning icon displayed in the browser chrome.
The potentially fraudulent document is rendered in the browser such that the links within are not accessible to the user. The rendering may include superimposing an image over the document or rendering a snapshot of the document instead of the document itself.
This method would involve determining fraud by checking the web address against a blacklist, or looking at a set of rules (heuristics) to determine if the page showed signs of containing fraudulent content.
The overlay described in the abstract is a purposeful alternative to pop-ups, which many people dislike. I’ve seen my share of ads that “warn” you about the dangers of “being online” and the security risks you take “connecting to the Internet.”
The blacklist may contain specific URLs or URL patterns (e.g., www.badoperator.com/*).
The heuristics may include rules that consider:
- The age of the domain (very new domains may be more likely to host a phishing site),
- The physical location (e.g., the country) of the domain name owner,
- Similarity of the URL to a legitimate URL that is often targeted,
- PageRank status of the URL,
- A comparison of a fingerprint of a document’s content or document structure with the fingerprints of known targets, and identifying documents that contains the logos of known targets.