Will consumers use a new free service to protect themselves from dodgy websites?
A new, free service has been launched by IBM and two other industry bodies, the Packet Clearing House and the Global Cyber Alliance (GCA), with the aim of helping consumers and businesses to avoid websites that are known to be malicious.
Quad 9 uses 19 lists of web-based sites to identify those known to be used by phishing gangs. It works by getting users to re-set their routers’ DNS settings to 126.96.36.199. This blocks people from visiting known bad sites and helps users to avoid falling victim to phishing scams using websites that appear to be reputable financial organisations.
“Anyone anywhere can use it,” said Phil Rettinger, GCA’s president and chief operating officer.
The service, he says, will be “privacy sensitive,” with no logging of the addresses making DNS requests—”we will keep only [rough] geolocation data,” he said, for the purposes of tracking the spread of requests associated with particular malicious domains. “We’re anonymizing the data, sacrificing on the side of privacy.”
There is more information about the service here https://arstechnica.com/information-technology/2017/11/new-quad9-dns-service-blocks-malicious-domains-for-everyone/
Security experts are doubtful whether users will take advantage of the service.
According to an article on Quad 9 by the BBC: “Independent security expert Graham Cluley said relatively few people fiddled with the settings on their routers to change the way they found web addresses.
Getting across the benefits of switching would be a ” big challenge”, he said, given how reluctant people were to adopt other useful security technologies.
He pointed to the difficulties there had been in getting people to use password managers or VPN (Virtual Private Networks).
But as the numbers of people who have had money stolen through phishing scams continues to climb, perhaps it is time to take security a lot more seriously.