Facebook has announced a new tool for website owners that will alert them about phishing attacks on their platforms.
With phishing websites usually trying to trick people into revealing their passwords, credit card numbers, or other sensitive information, the new tool will alert website owners of these scams so that they can take action to protect their domain and the people coming to their websites.
A blog post published late on Wednesday by security engineer David Huang and software engineers Bartosz Niemczura and Amy Xu says: “We are extending the capabilities of our Certificate Transparency Monitoring tool to make it easier for developers to learn about new domains that are maliciously created to implement phishing attacks.”
The tool was announced on 2 May at the annual F8 developer conference in San Jose, the final day of the two-day event.
Facebook says it has been using “Certificate Transparency Logs”, which are designed to keep a record of all valid security certificates issued by publicly-trusted Certificate Authorities, to monitor certificates issued for the domains it owns. It claims to have created tools to help developers take advantage of this approach. Using these tools, developers can learn about certificates that are mis-issued for the domains they control.
“We are extending the capabilities of our Certificate Transparency Monitoring Tool to send alerts when certificates are issued for potential phishing domains,” says the post, adding: “Every time a new certificate appears in any public Certificate Transparency Log, our tool analyzes the domains specified by the certificate for phishing attempts by taking into consideration the most common spoofing techniques — such as those described above.”
If the tool suspects the domain is likely associated with phishing, it can notify subscribers of the tool for the legitimate domain “by sending email, push, or on-site notifications, depending on their preference”, says the post.
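As an added illustration of the kind of check described above (not Facebook's code, and not taken from the blog post), the sketch below compares each domain name from a newly logged certificate against a watched domain. The heuristics, the confusable-character table, the function names and the sample domains are all assumptions made for this example.

```python
# Added illustration; the heuristics and names are assumptions, not Facebook's implementation.
CONFUSABLES = str.maketrans({  # small constructed subset of look-alike characters
    "0": "o", "1": "l", "3": "e", "5": "s",
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0456": "i",  # Cyrillic a, e, o, i
})

def to_unicode(label):
    """Decode a punycode A-label (xn--...), the form IDN names take in certificates."""
    if label.startswith("xn--"):
        try:
            return label[4:].encode("ascii").decode("punycode")
        except UnicodeError:
            pass  # malformed label: compare it as-is
    return label

def skeleton(label):
    """Fold look-alike characters onto the ASCII letters they imitate."""
    return to_unicode(label.lower()).translate(CONFUSABLES)

def edit_distance(a, b):
    """Levenshtein distance, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(san, watched):
    """Return why `san` resembles `watched`, or None if it does not."""
    san, watched = san.lower().lstrip("*.").rstrip("."), watched.lower()
    if san == watched or san.endswith("." + watched):
        return None  # the owner's own name: a mis-issuance question, not a look-alike
    if san.startswith(watched + "."):
        return "watched domain used as subdomain prefix"
    raw = watched.split(".")[0]
    brand = skeleton(raw)
    for label in san.split("."):
        skel = skeleton(label)
        if skel == brand:
            return "homoglyph" if label != raw else "same name, different suffix"
        if brand in skel:
            return "brand embedded in label"
        if edit_distance(skel, brand) == 1:
            return "one-character typo"
    return None
```

A production monitor would use the Public Suffix List to find the registrable label and a full confusables table; the substring rule in particular will produce false positives for short brand names.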
How to respond to a phishing attempt
Facebook says if you receive a notification about a phishing attempt, and you are sure it is trying to copy your site, you can:
* Contact domain registrars with a plea to suspend bad domains, citing intellectual property infringement.
* Ask browser vendors to blacklist the bad domains and display UI warnings indicating deceptive websites.
* If possible, you can reach out to the relevant Certificate Authority and ask it to revoke certificates for the phishing domain.
* Tell people coming to your website to increase their vigilance and educate them on how to protect themselves in case of an attack.