facebooktwittergoogle_plusredditpinterestlinkedinmail

David Ulevitch and the team behind OpenDNS have launched a cool new social networking-type service to combat “phishing” — those fake emails from eBay and PayPal that try to get you to type in your account details so they can boost them and go on a spending spree. It’s called the PhishTank, and it’s designed to be a central repository for phishing emails that anyone can contribute to. Users can also help to verify phish attacks, which in turn should help services such as OpenDNS block them before they hit your mailbox.

There are a couple of interesting things about PhishTank, including the fact that it has an open API (application programming interface), as Paul Stamatiou notes, which means that anyone can design an application that makes use of the data in PhishTank in different ways. The service is also working on toolbar buttons for Thunderbird and Outlook that will allow users to send a suspected phish to the tank with a single click. There’s also a bit of community built in, with pages that rank the top submitters and verifiers.

phishing

In an interview with David last week, I asked why anyone would want to devote their time to verifying or submitting phishing attempts. It’s easy to see why someone would be attracted to uploading and sharing photos at Flickr or videos at YouTube, but phishing attacks? His response was that hundreds of people were already doing that even before there was a community — by sending emails to OpenDNS. In fact, he said that the PhishTank was in part a way of dealing with the volume of such submissions, by effectively outsourcing part of the job of verifying them.

That’s a smart use of Web 2.0, it seems to me, and could potentially kill two birds with one stone. Whether it actually becomes a community or not is almost irrelevant, since it has already taken a load off OpenDNS in a sense. And David definitely has some experience with a bottoms-up startup — his first venture, EveryDNS, was started “in college as a kind of beer fund, then it gradually became a college fund, and now it is much more.”

It may have a small set of about 100,000 users, he says, but “they are some of the very top geeks” including senior scientists at Microsoft and Sun. David himself is such an uber-geek that he is user number 18 on Slashdot, the venerable geek forum.

About the author

Mathew 2430 posts

I'm a Toronto-based senior writer with Fortune magazine, and my favorite things to write about are social technology, media and the evolution of online behavior

One Response to “Drop those phish in the Phishtank”
  1. […] http://www.phishtank.com/ is a repository for phishing emails with an open API. Go to the Mathew Ingram post on it to have more information.Technorati Tags: phishing, Phistank, opendns […]

Comments are closed.