Anti-phishing software represents computer programs that try to identify phishing-suspicious content. These programs are often integrated with web browsers and e-mail clients, since these are the most susceptible places for a phishing attack.
The most common form is having a toolbar that displays the real domain name of the website that the viewer currently has in his focus. This is done in order to avoid fraudulent web pages to hide under the appearance of a legitimate one.
Stand-alone and integrated
Some stand-alone anti-phishing software exists and is quite heavily promoted. They are generally based on filtering the content displayed and/or downloaded by web browsers, e-mail clients and P2P programs. Many firewalls have such anti-phishing functions integrated.
Many Internet clients choose to include anti-phishing capabilities among their functions. Many web browsers and e-mail clients include such functions, as well as support for service-side features like mutual authentication.
Websites who might be the victims of fishing attacks often use special authentication methods, like mutual authentication through SSL or two-factor authentication to protect their clients. These protection methods are not necessarily specific to the IT industry. For example, two-factor authentication is the common authentication method for banks, where a user needs not just the bank card but also the PIN number to have access to the facilities provided by the card (a method known as Chip and Card authentication).