RSSMicrosoft, eBay Join Anti-Phishing Push
By David Worthington | Published February 14, 2005, 6:47 PM
Recognizing the threat posed by "phishing" and the call to address the ensuing identity theft, WholeSecurity has activated a worldwide anti-phishing aggregation service. Initial participants include industry giants such as Microsoft, eBay, PayPal, and Visa.
The service, dubbed "Phish Report" is a reporting system where partners log in and deposit fraudulent Web sites into a central database. Real-time definitions of known phishing sites are dispatched to subscribers who will in turn blacklist the sites with "user-facing" security applications.
WholeSecurity invites any company that is impacted by phishing that meet its qualification criteria to join up and do its part to increase the effectiveness of Phish Report.
Phishing is the name given to a class of socially engineered attacks that attempt to rob users of their identity by luring victims to spoofed Web sites to obtain passwords, credit card numbers and other personally identifiable information. These attacks are frequently attempted via e-mail. Phishing has become so commonplace that America Online included phishing scams on its 2004 top 10 list of junk e-mail subject lines.
Phish Report's ultimate goal is to protect the end-user. "eBay and PayPal's participation in the Phish Report Network is one of many steps we have taken to improve security of the e-commerce experience," said Howard Schmidt, eBay and PayPal's chief security strategist and former White House cyber-security advisor. "As we co-develop technologies, educate online users and work with law enforcement, we can help significantly reduce the effect of cyber criminals."
Another solution devised by the industry to catch "phish" are organizations like the Anti-Phishing Working Group. These group cooperate with international law enforcement which has itself taken an active role by establishing the Digital PhishNet.
Industry leaders in technology, banking, financial services, and online auctioneering use PhishNet as a direct line of communication with law enforcement. PhishNet accepts aggregated data and distributes it to corresponding officials in federal, state and local agencies so that cyber criminals can be identified and apprehended.
this is a good start but ebay and paypal only protect you on there own sites, is microsoft going to do the same ?. if so then they are thinking way to small. i as one of millions of net users would like to do my bit to help stop shilshing so i use 2 tools to help one is spoofstick its a browser add-on and shows me the real url of the site im on the second is PhishGuard this is best as they say "PhishGuard is a simple, free software service. The first person to discover a suspected phishing scam can report the offending email or URL (website address), literally in seconds. There is no need to divulge any confidential information to the scammers. Within minutes, our monitoring team has verified the scam, and added it to the ScamBase™ database. Updates to the database are rapidly distributed to every participating computer, effectively immunizing them against the newly discovered scam."
i myself had had philsh emails from eBay, Citibank, PayPal, AOL, Visa, EarthLink, Microsoft, AT&T, Yahoo, and numerous others.
so ebay,paypal and microsoft let us the end user help you make the net a safer place
Score: 0
|