Facebook's new tool to alert website owners to phishing attacks
Facebook has announced a new tool for website owners that will alert them when there is a phishing attack on their platforms.
Phishing websites often try to trick people into revealing their passwords, credit card numbers, or other sensitive information. The new tool will notify website owners of these scams so that they can take precautions to protect their domain and regulate the people coming to their websites.
A blog post published late on Wednesday by security engineer David Huang and software engineers Bartosz Niemczura and Amy Xu said: “We are extending the capabilities of our Certificate Transparency Monitoring tool to make it easier for developers to learn about new domains that are maliciously created to implement phishing attacks.”
The tool was announced on 2 May during the annual F8 developer conference in San Jose. The two-day conference concluded on 2 May.
Facebook says it has been using “Certificate Transparency Logs”, which are designed to keep a record of all valid security certificates issued by publicly trusted Certificate Authorities, to monitor certificates issued for domains it owns. It says it has created tools to help developers take advantage of this approach. Using these tools, developers can learn about certificates that have been tampered with for the domains they control.
“We are extending the capabilities of our Certificate Transparency Monitoring Tool to send alerts when certificates are issued for potential phishing domains,” says the post.
The post further added: “Every time a new certificate appears in any public Certificate Transparency Log, our developed tool analyzes the domains specified by the certificate for phishing attempts by taking into consideration the most common spoofing techniques — such as those described above.”
If the tool detects that a domain is in one way or another associated with phishing, it can notify subscribers of the tool for the legitimate domain “by sending email, push, or on-site notifications, depending on their preference”, says the post.
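A minimal sketch of the kind of check the post describes, matching the names in one newly logged certificate against a watched domain. It is an added example, not Facebook's code: the heuristics (lookalike characters, the brand embedded in another name, one-character typos), the function names and the sample names are all assumptions.

```python
import unicodedata

# Assumed, deliberately small lookalike map; production tools use the full Unicode confusables data.
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s",
                             "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0441": "c"})

def skeleton(label):
    """Decode punycode, then fold case and lookalike characters to a comparable form."""
    if label.startswith("xn--"):
        try:
            label = label[4:].encode("ascii").decode("punycode")
        except UnicodeError:
            pass  # malformed punycode: compare the raw label instead
    return unicodedata.normalize("NFKC", label).lower().translate(CONFUSABLES)

def edit_distance(a, b):  # Levenshtein distance, row by row
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(san, watched):
    """Return why `san` resembles `watched`, or None if it does not."""
    san = san.lower().rstrip(".").removeprefix("*.")
    if san == watched or san.endswith("." + watched):
        return None  # the watched domain itself, not a lookalike
    raw = watched.split(".")[0]  # simplification: the first label is treated as the brand
    brand = skeleton(raw)
    for label in san.split("."):
        folded = skeleton(label)
        if folded == brand:
            return "brand-in-other-domain" if label == raw else "homoglyph"
        if brand in folded:
            return "combosquat"
        if len(brand) >= 5 and edit_distance(folded, brand) == 1:
            return "typosquat"
    return None

def scan_entry(sans, watched):
    """Flag every suspicious name in one certificate's SAN list."""
    return {s: r for s in sans if (r := classify(s, watched))}

# Constructed SAN list standing in for one new CT log entry (not real data).
SAMPLE = ["www.example.com", "examp1e.test", "example-login.test", "exampple.test",
          "example.com.account.test", "xn--" + "ex\u0430mple".encode("punycode").decode() + ".test"]
ALERTS = scan_entry(SAMPLE, "example.com")  # maps each flagged name to its reason
```

A real monitor would split names with the Public Suffix List rather than treating the first label as the brand, and would tune the substring and edit-distance rules to keep false positives manageable for short brand names.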
How do you respond to a phishing attempt?
Facebook says if you receive a notification about a phishing attempt, and you are sure it is trying to copy your site, you can:
- Contact domain registrars with a request to put a stop to the bad domains, citing intellectual property infringement.
- Ask browser vendors to blacklist the bad domains and display UI warnings indicating deceptive websites.
- If possible, you can reach out to the relevant Certificate Authority and ask it to revoke certificates for the phishing domain.
- Tell people coming to your website to increase their vigilance and educate them on how to protect themselves in case of an attack.