Update: it seems Skweezer is green now, even though there haven’t been any new ratings besides mine. Maybe this post triggered a review? We’ll never know, and my concern about lack of transparency stands.
Phishing scams are a serious problem on the Internet. Thankfully this issue is getting more attention. While I consider myself immune to the pleas for my bank information, nevertheless (after reading some of the latest info about OpenDNS, which I intend to write about later) I recently installed the McAfee SiteAdvisor Firefox extension, which rates the sites you visit by safety. Naturally one of the sites I visit daily is skweezer.net. Imagine my surprise to see in my toolbar that both skweezer.net and greenlightwireless.net are flagged as dangerous by SiteAdvisor.
The entry for greenlightwireless.net has no ratings of its own, but is flagged evil because of its association with skweezer.net. Skweezer’s black eye, in turn, is because of a single user, “JoshMeister”, who on July 8 left this supremely insightful comment for Skweezer.net:
Phishing scam at http://www.skweezer.net/s.aspx/2/signin.ebay.com/ws/eBayISAPI.dll?SignIn
And that’s it: we’re officially evil. My hat is off to you, JoshMeister. I’m glad the Internet is full of network experts like yourself who can tell the difference between a phishing site and a transcoding service. My response to this false charge is on the SiteAdvisor site (I validated as the website owner) but if you would like to help us out and set the record straight, please register as a reviewer and leave a comment in our favor.
I am concerned about the ripple effect of things like this. How many users are warned off from our site for the wrong reason? I doubt that the reviewer was malicious (probably just mistaken) but what if this was a competitor that wants us censored or hamstrung? How many services or ISPs license SiteAdvisor’s database? What is the vetting process that McAfee takes here? Each reviewer has a “reputation score”, but we were nailed by a single reviewer with a score of 2/7. Frankly I’m glad that anti-phishing services like this exist, but I’m concerned with one that relies too heavily on a community of users to provide a service that would otherwise be too expensive to staff properly. If this passed an internal review process, then the process is not thorough enough; otherwise, Skweezer.net would never have gotten flagged.




Barnabas,
Very very good post. Let me give you some hints on what we can do to help.
First, we can whitelist your service but then that would allow a way for phishers to bypass our technology. What would be better than that would be to have you use a public API which we will make available at http://www.phishtank.com/ in your application so that when we whitelist you we know that you are continuing to block malicious hosts.
The data on phishtank will be fully accessible and viewable by anyone and can be verified and vetted. It will be totally transparent as to how things end up and are removed from our system and feeds.
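
An added example, not code from the post, Skweezer or PhishTank, of the check suggested in the comment above: extract the upstream host from a transcoder URL of the form quoted in the post and refuse to proxy it when it appears on a blocklist. The URL layout is inferred from that one quoted URL, the blocklist entries and function names are constructed for illustration, and no PhishTank API format is assumed.

```python
from urllib.parse import urlsplit

# Constructed sample entries (reserved .test names). A deployment would load
# these from whatever phishing feed it subscribes to.
BLOCKED_HOSTS = {"login.example-phish.test", "example-bad.test"}


def upstream_target(transcoder_url):
    """Return (host, rest) for the page embedded in a transcoder URL.

    Assumed layout, inferred from the URL quoted in the post:
    /s.aspx/<mode>/<upstream host>/<upstream path>?<upstream query>
    """
    parts = urlsplit(transcoder_url)
    segments = parts.path.split("/")  # ['', 's.aspx', mode, host, ...]
    if len(segments) < 4 or segments[1].lower() != "s.aspx" or not segments[3]:
        raise ValueError("not a transcoder URL")
    # Drop any userinfo and port, then normalise case and a trailing dot so
    # "Example-Bad.test." and "user@example-bad.test:80" compare equal.
    host = segments[3].split("@")[-1].split(":")[0].lower().rstrip(".")
    rest = "/" + "/".join(segments[4:])
    if parts.query:
        rest += "?" + parts.query
    return host, rest


def is_blocked(host, blocked=BLOCKED_HOSTS):
    """True if the host or any of its parent domains is on the blocklist."""
    labels = host.split(".")
    return any(".".join(labels[i:]) in blocked for i in range(len(labels)))


def should_proxy(transcoder_url, blocked=BLOCKED_HOSTS):
    """Decide before fetching: refuse malformed or blocklisted upstreams."""
    try:
        host, _ = upstream_target(transcoder_url)
    except ValueError:
        return False
    return not is_blocked(host, blocked)
```
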