Will Inspector Brown Save Us From The Phishers?

Combatting phishing ain’t easy. So how does a new weapon, Inspector Brown, mentioned in a comment to an earlier posting here on phishing, shape up?

Inspector Brown is a program that sits between you and your browser (IE, only, I think, but the documentation is minimalist, to put it mildly) and warns you if a site you are visiting is a suspected phishing site: “The page you tried to access is a potential dangerous and fraudulent website,” you will be told. “You may be at risk for identity theft and financial loss if you continue with this website.” You can then choose to proceed or not.

Not a bad idea, but of course it relies entirely on the software knowing what sites are fraudulent, and this is where the system fails. The software checks a library of ‘known’ fraudulent websites updated by Inspector Brown, a bit like anti-virus software checks an internal library of known virus patterns. Unfortunately there are several problems with this:

  • The list depends on users submitting fraudulent websites, raising the question: Why would a user who is smart enough to recognise a fraudulent website need Inspector Brown?
  • Phishing sites are notoriously short term. Some are up only for a few hours before they are taken down, often after already doing serious damage. In this sense combatting phishing by a library of known phishing sites is as flawed as anti-virus software maintaining libraries of viruses. Unless the libraries move very quickly to not only update themselves, but update users, such tools arrive too late to help users. Indeed, phishing is even less suited to this approach, because phishing sites are no longer active after a few hours, whereas old viruses may still be floating around the Internet months, even years, after their creation.
  • The list itself is short and suspect: It includes, for example, legitimate commercial websites like Vsong.com, a Shenzhen-based manufacturer of computer and mobile phone accessories, and zapthedingbat.com, the home of celebrated anti-phisher Sam Greenhalgh. I’m sure he would be amused to find he is, according to Inspector Brown, ‘a Known Fraud’. Other peculiarities in the list are Visualsoft-tech.com, the website of VisualSoft Technologies, ‘a leading software solutions and product development company catering to diverse industry segments’ based in Hyderabad. InspectorBrown’s library calls it a ‘Bad Company’. Lawsuits, anyone?

Lastly, we just don’t know enough about Inspector Brown and how it appraises websites to trust its judgement. In this regard the company has got to be more open about what it’s doing and how it does it. All we know from the website is that the program is the work of Inspector Brown Software, based in Scottsdale, Arizona. There’s no registry data to work with. No support pages or help pages.That’s about it. Of course, they could argue it’s early days but as it stands I think Inspector Brown, with its poor documentation, eccentric library of fraudulent sites and quirky interface, only adds to the noise instead of reducing it.

22. July 2004 by jeremy
Categories: Security, Software, apps | Tags: , , , , , , , , , , , , , , | 2 comments

Comments (2)

  1. Just got an email from Rick Brown, who is involved in Inspector Brown. He writes with equanimity:

    “Just read your postings. And I can’t argue with you. We are in the early stages of development and are working hard at getting lots of people to try our software to beta test it and give us feedback.

    “Your feedback was invaluable and If you are interested, I’d like to send you an updated copy of the software shortly and show you what it can do. I’m looking forward to impressing you with our fraud fighting tool.”

    Expect a second look at Inspector Brown once they’ve ironed out the bugs. Thanks, Rick, for writing.

  2. Jeremy,

    Inspector Brown is updated and improved. We welcome your comments and contstructive criticism.

    Cheers,
    Rick Brown
    Inspector Brown Software
    http://www.inspectorbrown.com