Cyveillance provides services that cover the entire spectrum of online risks - from fraud and identity theft, phishing and unli­censed product sales to corpo­rate espionage. For this month's Group Test review, Cyveillance submitted its anti-phishing offering, a zero-footprint, cloud-based solution.

Cyveillance Anti-Phishing prevents, detects and recovers from phishing and malware attacks. The solution addresses the entire case management lifecycle, including attack detec­tion. It uses its 24/7 monitoring of spam and the web's domain registration system, as well as phishing and malware site take­down, to automatically initiate takedown procedures once a fraud scheme is detected.

The Cyveillance tool empha­sizes four primary areas: preven­tion/early warning, detection, response and recovery. The pre­vention/early warning section relies on fraud anomaly detec­tion to monitor, in real time, for suspicious web traffic activity, suspicious new domain registra­tions and changes to existing registrations, as well as tracking and monitoring phishing kits traded on the so-called internet "underground."

Detection sources that are used by the anti-phishing engine include junk email box, hon­eypot accounts and feeds from partner ISPs and anti-spam companies. It crawls billions of web pages to identify fraudulent sites and continuously monitors the internet using crawling tech­nologies from registrars.

Cyveillance initiates phish­ing site takedown procedures through its 24/7 security operations center (SOC) with real-time status updated via the client's web-based portal. The company delivers this takedown service through its international network of contacts in the legal, government and internet service provider (ISP) communities.

The service also provides a real-time feed of validated phishing sites to partner ISPs and security companies to block access and/or alert their subscription-based members. Recovery services gather all forensic information, as well as any compromised custom­er data and monitors removed phishing sites to ensure that they do not go live again.