SpoofStick - make sure you are at the right site

Website - Freeware - Win2k, XP

Comments by ClifNotes and OneStep on 3/20/05

Notes

OneStep sent me an email recently. He told me all about SpoofStick and I just wish I had WinXP on this PC so I could try it out. OneStep is a dedicated security specialist in Australia. He's got a very helpful website, forum and business. If someone's hacking your computer, be sure to look him up.

Quote from OneStep

There's a new piece of freeware you should know about. It's called SpoofStick and is a browser extension for either IE or Firefox which can authenticate that the page being loaded is not a spoofed malicious one. Secunia structured a test last week and while all browsers were redirected to a different domain without so much as whimpered complaint, SpoofStick showed the real address was not the actual address.

Screenshot

click to expand

Quote from SpoofStick

What is SpoofStick? SpoofStick is a simple browser extension that helps users detect spoofed (fake) websites. A spoofed website is typically made to look like a well known, branded site (like ebay.com or citibank.com) with a slightly different or confusing URL. The attacker then tries to trick people into going to the spoofed site by sending out fake email messages or posting links in public places - hoping that some percentage of users won't notice the incorrect URL and give away important information. This practice is sometimes known as “phishing".

Feedback

From Eddie on 10/09/05

I have been using it for 18 months and it is terrific. It has saved me on two occasions. Once it picked up a spoof bank site where I do Internet banking, and the second time when it showed up E-Bay as a soofed site.