When we look back at 2010, one of the things we’ll remember is how ubiquitous social became online. Facebook exploded, Twitter grew up, people “checked in”, and almost every website seemed to develop some sort of social component.

Not surprisingly, people using OpenDNS — parents, IT administrators, sysadmins, district technology heads — noticed the same thing. Data collected on how people used Web content filtering in 2010 shows this fact: Facebook is the #1 most blacklisted site. And interestingly enough, it’s also the #2 most whitelisted site. Other sites that were frequently blocked include MySpace and YouTube.

Not surprisingly, Facebook was also a frequent target of online scammers. When we analyzed submissions to Phishtank in 2010, we saw that Facebook was the second most frequent website targeted by phishing websites. The #1 target for 2010 — and throughout every month of the year — was PayPal. PayPal accounts for an incredible 45 percent of all online phishes.

These statistics and more can be found in a report we’re publishing today, all about the Web content filtering and phishing data we saw in 2010. I encourage you to download it and read through it. There’s some fascinating information included in the report, including which sites are the most frequent target of online scammers, how businesses are filtering content, and what categories people most frequently block on their networks.

You can download the full PDF report here: http://www.opendns.com/pdf/opendns-report-2010.pdf

Did you see anything interesting online last month? Between blog posts, gaming sites, Facebook updates and breaking news, there was a lot to take in. One thing you probably didn’t see — if you are on an OpenDNS-protected network — were Phishing attempts.

Since we block these scammy and fraudulent Web sites, you might not realize how prevalent they are across the Internet. In July alone, we blocked almost one million phishing attempts. That’s how many times people on OpenDNS-protected networks saw the “phishing attempt blocked” page.

Even with the work we do to make sure you’re protected from seeing phishing sites, we can’t always catch everything. If you ever see a Web site or receive an email and aren’t sure if it’s legitimate, we’ve got you covered:

Five Easy Ways to Spot A Phishing Attempt

• Poor resolution: Phishing websites are often poor in quality, since they are created with urgency and have a short lifespan. If the resolution on a logo or in text strikes you as poor, be suspicious.
• Forged URL: Even if a link has a name you recognize somewhere in it, it doesn’t mean it links to the real organization. Read URLs from right to left — the real domain is at the end of the URL. Also, websites where it is safe to enter personal information begin with “https” — the “s” stands for secure. If you don’t see “https” do not proceed. Look out for URLs that begin with an IP address, such as: http://12.34.56.78/firstgenericbank/account-update/ — these are likely phishes.
• Generic greeting: Phishing emails are usually sent in large batches. To save time, Internet criminals use generic names like “First Bank Customer” so they don’t have to type all recipients’ names out and send emails one-by-one.
• Requests personal information: The point of sending phishing email is to trick you into providing your personal information. If you receive an email requesting your personal information, it is probably a phishing attempt.
• Sense of urgency: Internet criminals want you to provide your personal information now. They do this by making you think something has happened that requires you to act fast. The faster they get your information, the faster they can move on to another victim.

As always, we’re going to continue working on finding ways to improve the Internet and make it safer and smarter for our customers. For now, happy [and safe] surfing — and if you have a friend who could use protection from online phishing attempts, let them know about OpenDNS.

At last week’s Workshop on the Economics of Information Security — an annual conference held at Harvard — new research (PDF) was presented showing the link between pornography and malicious online practices. When the study’s researchers surveyed adult websites, they found that many were aimed at “manipulating and misleading a visitor to perform actions that result in an economic profit” for the Web site. Free sites used these tactics 34 percent of the time, while paid sites used them 11 percent of the time. What types of tactics are we talking about? According to the study, methods include:

1. Javascript catchers that hijack the user’s browser, making it difficult to leave a site.
2. Blind and hidden links that prevent an address from being displayed in a web browser’s status bar. This can be used to mask malicious activities, like cross site scripting or cross site request forgery attempts.
3. Redirection scripts that redirect users to different websites. This occurs on a server, so there’s no way for a user to know it might happen until they click.
4. Malware that triggers malicious behavior including “code execution, registry changes, or executable downloads.”

In addition to misleading activity, the level of malware found on adult Web sites was surprising to the researchers too; almost 3.5 percent of adult websites had this type of behavior, compared with previous studies that found less than one percent as malicious. Spyware and Trojan downloads were the most popular types of malware.

The good news is, it’s simple to block adult content and pornography with OpenDNS. In a couple of steps, you can nip the issue in the bud by blocking content you know causes issues on your computer and network. To block adult content, navigate to the Settings page and select the network you wish to manage. You’ll then see a Choose Your Filtering Level option under Content Filtering. To block all adult content, make sure to block the following five categories: Adult themes, Nudity, Sexuality, Pornography, and Tasteless.

Since we already block malware for all OpenDNS users (Enterprise users get more comprehensive coverage), blocking pornography is just one more step you can take to protect users on your network from coming in contact with malicious tactics online.

This week Facebook recommended OpenDNS on its Security Page, the place Facebook users are encouraged to go to learn how to stay safe on Facebook and on the Internet. OpenDNS is recommended because it takes the guesswork out of identifying phishing scams for you. Even if you click a suspicious link sent to you in a message by your Facebook friend, or posted on your wall, we’ll still prevent you from being fooled by showing you a warning. That’s a lot of incentive to use OpenDNS.

Like other social networks, Facebook seems to be working hard to eliminate phishing on its site. The more popular a site becomes, the more phishers are inclined to use it for phishing and saying Facebook has been gaining in popularity as of late is an understatement.

While Facebook has been growing its global user base we’ve been growing ours, and a big part of the reason people choose OpenDNS is our anti-phishing service. PhishTank.com has identified and verified more than 300,000 individual phishing scams, all of which are blocked for our users.

We’re thrilled Facebook recommends our service.

We just posted PhishTank statistics for April 2008. No major surprises: The United States is, for the thirteenth straight month, hosting more phishes than any other country; A group of large banks, eBay, and PayPal round out the top most spoofed brands; And the PhishTank community of submitters and verifiers continues to have an impressively high accuracy rate.

The headlines tell us the phishers are not giving up. Seemingly every week we see reports of a new type of phishing scam. This week it’s Google AdWords phishing, where AdWords account holders are sent emails alerting them their account needs updating. The account holder logs into the spoofed AdWords interface and hands over their credit card information.

The AdWords phishing scam is interesting to me largely because, in lots of cases, it’s targeting businesses. People understand identity theft. But what happens when a business’s identity is stolen? There’s no easier or more efficient avenue to get reimbursed for a business than for an individual. Basically, whether you represent yourself or your company, you have to go to your credit card company and beg for forgiveness. (Whether or not it should be the banks — some of the most commonly spoofed brands — that are responsible for reimbursing money stolen through phishing is part of a separate debate.)

And the spoofed AdWords account interfaces, at least the ones I’ve seen, are good. I can easily understand how the marketing person tasked with managing AdWords for their company could be fooled. I know plenty of small and mid-size companies that rely on online advertising to drive traffic to their site, and see huge dents in revenue when something goes wrong and the traffic doesn’t come. That marketing person has plenty of incentive to make sure their account information isn’t wrong and nothing is preventing potential customers from seeing their ads.

Experts repeat the same warning about AdWords phishing that we’ve all heard about phishing in general for years: Educate yourself about phishing and look skeptically at URLs. Remember that as a general rule, you won’t be warned via e-mail that your account has been compromised, so if you are ever encouraged via e-mail to login to an account and update information, proceed with caution and look closely at the URL you’re encouraged to click.

Take for example, one of the AdWords phishes someone submitted to PhishTank. See the “d0l9i.cn” in the middle of the URL? If you open a new window and load http://adwords.google.com/select/login, you’ll see the real site’s URL doesn’t include that series of characters. That should be a red flag.

[NOTE: This is a known, verified phishing site. We recommend you do NOT visit it.]

OpenDNS users and users of other services leveraging PhishTank data — McAfee, Opera, Yahoo! Mail, Kaspersky Labs, to name a few — have an extra line of defense when it comes to phishing — they benefit from PhishTank and the wisdom of the community. But it’s abolsutely a good idea to learn to look for inconsistencies in URLs and think twice before providing sensitive information online, whether it’s your own or your company’s.

And starting today, it is, between Anti-Phishing Working Group and OpenDNS.

This is a big day for us, folks, and for all of you who have worked to make our community site, PhishTank.com, the most authoritative source of phishing data on the Web.

Anti-Phishing Working Group is big, and has a member list boasting companies like eBay, Microsoft, Yahoo!, Verisign and Cisco. They’ve been at phish-fighting since 2003 and have made great progress in raising awareness about the seriousness of Internet crime.

We’re young, but growing at lightning speed. The human approach OpenDNS and PhishTank bring to the table is an incredibly important element to combatting the problem.

Anti-Phishing Working Group and OpenDNS make a great team and we’re excited about what we can accomplish together.

[Cross-posted to PhishTank and OpenDNS blogs.]

Opera and OpenDNS announced this morning that the latest version of the browser blocks phishing sites with PhishTank data. We’re pretty excited about it. (Just blogged about this over on the PhishTank blog, too.)

If you’re poking around the site because you were given the Gift of Safe by an Opera user, welcome.

If you have any problems setting up OpenDNS don’t hesitate to e-mail us at contact at opendns dot com. We’ll reply asap and help you get started. And once you’re all set, pay it forward. Give the Gift of Safe to everyone you want to protect from phishing sites.

If you’d like to add your story, send it along with a photo to gift of safe at opendns dot com. It’s a great way to show someone you care about them without spending any money.

There’s no denying it. The holidays are officially here.

My family will be en route to San Francisco by tomorrow morning and come early Thursday, the house will smell of baking turkey and sound of screaming football fans. (Not kidding about the screaming part. The neighbors have complained.)

It’s at this time of year, more than any other, that we’re compelled to pause and appreciate what we have – family, friends, health, a place to live and food to eat.

If you’re traveling to visit family or friends this week, I urge you to share your knowledge of OpenDNS and help keep them safe from phishing. Perhaps they don’t know what phishing is, even. Think about how much you’ve benefited from the service and know you can pass the benefit along. Take two minutes to add 208.67.222.222 and 208.67.220.220 to their Internet preferences and know you’ve done them a service – one that will give over and over again.

If you choose to share OpenDNS, tell us about it. We’d love to hear.

PS – A reminder to print the instructions out before you travel. If you don’t know what type of router your friends or family use, our single computer instructions for Mac and Windows are a good way to go.

PPS – If you live in a part of the world that doesn’t celebrate Thanksgiving, this is still as good a time as any to tell friends and family. Giving thanks shouldn’t happen only once a year, anyway.