Funding PhishFort as Antiphishing and Brand Protection Solution

Service Provider Name: PhishFort

Leader(s): Lucas Sierra, Matt Marx

Pledge to abide by the DAO’s Code of Conduct (or link to your own): yes

Pledge to abide by the Accountability Guidelines: yes

Domains of Operation: security

Key Objectives & Success Metrics:
Summary:
PhishFort offers comprehensive protection against phishing plus brand protection, adding deep knowledge and experience in takedowns.

Abstract:

The Internet can be a very big blind spot for brands and projects, making it difficult to continuously find and deal with attacks in a timely and effective manner.
PhishFort is committed to fighting Phishing and brand abuse, making a safe space for brands and users.

Motivation:

We are aware of the rise of Phishing attacks that Balancer has experienced after the security incident. This is detrimental not only to the users but also to the brand’s reputation.

Specification:

We rely on a two-part strategy, through a combination of automation and the work of professionals. The first part consists of finding the threats, and the second part is removing them from the internet.
Finding Threats
We use specific programs called harvesters to retrieve information from the sources we have identified to be the best fit. This creates a daily influx of information that needs to be sorted to find where possible threats are. This very big array of data gets processed by our AI, to finally create a list of possible threats that will be further investigated by our 24/7 operations team.

  1. Detection
  2. Blocklist
  3. Takedown

Social Media monitoring
Social media phishing is up 100% this year. We monitor and take down imposter accounts across major platforms.

Proactors:
We have created technology designed to interact with scammers on social media at the moment they are creating an attack, including a Twitter honeypot, Discord bots, and more to come.

TAKEDOWNS
Once we have identified an attack, we remove it. To do this we blocklist every threat and at the same time proceed to remove it.

Phishfort BLOCKLIST:

  • Every attack we find is blocklisted.
  • Our Blocklist is consumed by many actors: web browsers, antivirus software, internet providers, specific Web3 actors (like MetaMask) and many others. It currently reaches more than 418 MAU.
  • This is instantaneous and it creates a FIRST LAYER OF DEFENSE before the takedown happens.
  • After the takedown is completed it remains on our blocklist for a year, preventing future attacks on the same URL.

THE TAKEDOWN

The removal of the URL, the social media account or the app.

  • We do it through a wide network of registrars and host providers. We are directly integrated with some.
  • Everything we do is based on evidence collection. We know what they require to execute a takedown.
  • Managed Intervention: Our takedown process is totally hands-free; we don’t require you to lift a finger.
  • Legal team on board. We use legal procedures like DMCA.
  • Real-time tracking: Follow and track the entire process on our dashboard.

Communications

  1. Balancer’s team will have a private communication channel (Discord or Slack) shared with our 24/7 operations team. Every query and report is immediately attended to.

  2. Free plugin: we have a free browser plugin that feeds from our Blocklist. You can check if we have flagged a site as dangerous and you can report a site.

  3. The Dashboard: Balancer’s team will have access to the dashboard where we show all the information of every incident that we find. The team can report incidents and download reports through the dashboard.

Some of the projects that we protect:

Pricing
We can offer a package that includes comprehensive detection across websites, social media, and apps, along with unlimited takedowns. To determine the price, we can run a free trial if there’s enough agreement from the community regarding our proposal. The trial will help us estimate Balancer’s annual activity to determine the price. Additionally, the team will have the opportunity to review all the incidents we post on our dashboard and become familiar with the platform.

Length of Engagement & Budget: Our contracts are annual and payments are performed quarterly.

ETH Address to Receive Funds: to be confirmed after proposal’s agreement

Link to SLA (if going through the Foundation): We can update the post with the SLA once the proposal is approved.