3Com's subsidiary, TippingPoint, is set to announce Monkeyspaw, a new anti-phishing tool. The company said that the product uses the Greasemonkey scripting plug-in for Mozilla's Firefox browser to spot phishing websites, which pose as legitimate to harvest personal information or distribute malicious code.
Monkeyspaw consolidates features for researching phishing websites into one interface, said Tod Beardsley, lead counterfraud engineer at TippingPoint. Those features include determining the owner of a web server, collecting Web server configuration information, determining the location of the site, and reporting the site to CastleCops.
TippingPoint is giving the source code to the open source community and is encouraging others to build on the Monkeyspaw framework. TippingPoint is looking to the open source community to add features that improve reporting, analysis, and correlation of phishing data, Beardsley said.
Monkeyspaw joins a growing list of anti-phishing products: a recent Microsoft-sponsored study of anti-phishing products (which to no great surprise found that Microsoft had the best) counted no fewer than eight. Looks like we can make that nine now.
Additional reporting by Infoworld