To surely prevent information from leaking by phishing which confuses data with normal one.
This information leakage prevention device monitors HTTP data on a transfer path from a Web server to a user terminal. Keywords in the HTTP data presented by a normal Web server are registered beforehand. Under one of the requirements that the contents of the keywords in the HTTP data of the other normal Web server is high in the received HTTP data, the data for phishing is detected, and the transfer of the detected data for phishing to the user terminal is interrupted.An allowable URL which is the URL of the data allowed to diplay the popup window is stored in the other HTTP data. The device discriminates whether or not a re-direct function to the allowable URL is described and a popup processing cord is described in the received HTTP data. By using presence of that description as one of the requirements, the device detects data for phishing. During the detection, the device interrupts the transfer of the data to the user terminal.
COPYRIGHT: (C)2008,JPO&INPIT