• Home
• GOVERNMENT CXO
• E-GOVERNMENT
• CITIZEN ENGAGEMENT
• TAX AND REVENUE MANAGEMENT
• GOVERNMENT PROCUREMENT
• GREEN GOVERNMENT
• GOVERNMENT DATA MANAGEMENT
• GOVERNMENT SECURITY
• GOVERNMENT CLOUD
• GOVERNMENT ANALYTICS
• GOVERNMENT GIS
• CONNECTED GOVERNMENT
• DIGITAL INCLUSION
• EDUCATION IT
• HEALTHCARE IT

Government Security

Hong Kong develops anti-phishing tool

By Adrienne Valdez | 14 March 2011

Hong Kong City University has developed anti-phishing software to detect fraudulent web sites that trick online users into parting important personal information.

As phishing scams continue to be a threat in internet security, Hong Kong City University Assistant Professor, Dr Liu Wenyin, pioneered a research for phishing solutions.

According to Dr Liu, phishing attacks have become more and more sophisticated, eventually targeting the public sector as it leverages more on social media. Social networking sites are now a prime target of phishing, since the personal details in such sites are often vulnerable to identity theft.

Health and education sectors are also easy targets as both have large personal information databases. In addition, phishing may cause difficulties in law enforcement investigations, and loss of public trust in online service platforms.

“Users can report to us ‘suspicious’ web sites. We then track and uncover phishing targets. Data can be collected to identify the most targeted in phishing attacks. The software will serve as an effective watchdog tool. As the database grows, the monitoring can become more comprehensive,” Dr Liu told FutureGov.

Through an automated process, the contents of the reported website are downloaded to the server and are scanned for phishing indicators. Document analysis technology is used to “break down” a document into elements recognisable to computers, understand its structure, and recognise its components, including text, lines and symbols.

An online service version of the anti-phishing software- SiteWatcher, was also launched as a free tool to track and identify suspected phishing web sites.

---