June 22, 2004 7:47 AM PDT

MasterCard tackles phishing

Credit card giant MasterCard announced on Tuesday a new initiative aimed at fighting the growing problem of online fraud, specifically the emerging threat of "phishing" schemes.

Purchase, N.Y.-based MasterCard, the second-largest provider of credit cards in the United States, said it is teaming with NameProtect, a maker of security software, to pursue individuals involved with various forms of Internet scams. While the effort will address illegal practices such as identity theft and the sale of stolen credit card information, it will focus primarily on phishing, a process whereby criminals use misleading e-mail and fake Web sites to dupe individuals into sharing personal data like passwords.

The initiative was launched at MasterCard's Global Risk Management Symposium. The company is also using the conference, which is taking place this week in San Diego, to showcase antifraud support from several federal agencies, including the U.S. Postal Inspection Service and the U.S. Department of the Treasury.

"The key to this initiative is our ability to communicate very quickly with all of the 21,000 financial institutions that we do business with worldwide," said Sergio Pinon, senior vice president of MasterCard's security and risk services group. "We need to protect consumer confidence in the payment systems being used online, and we know the banks and other financial companies will embrace the effort immediately."

Phishing has grown rapidly over the last year, according to the latest data from industry watchers. Last week, Stamford, Conn.-based market research firm Gartner reported that illegal access to checking accounts, often gained via phishing scams, has become the fastest-growing form of consumer theft in the United States, accounting for a staggering $2.4 billion in fraud in the previous 12 months.

MasterCard said the goal of the partnership is to attack proprietors of phishing rackets before they can begin ripping off consumers' sensitive data, rather than chase down criminals after they've victimized people.

The company said it would use NameProtect's software to locate fake Web sites and other phishing hot spots as they first appear online and work with law enforcement agencies to shut the scams down before large numbers of consumers are tricked.

NameProtect, which identifies itself as a "brand protection provider," scours the Web for phishing activity via a number of digital feeds, including domain registration records, spam e-mail reports and online auction sites. The Madison, Wis.-based company currently maintains an index of more than 6 billion Web sites that it monitors for suspicious activity.

The companies indicated that MasterCard will also utilize NameProtect's technology to defend against criminals attempting to use the credit card company's own brand to lure unsuspecting consumers into their rackets. The effort will also target Web sites distributing information on how to build phishing operations.

Pinon said MasterCard has received positive feedback from a number of law enforcement groups regarding the effort, including the Secret Service and the FBI, which have already assigned agents to work alongside the credit company's antiphishing team.

"We must help consumers protect themselves and use a system of escalation to get ahead of criminals and stop them before they can hurt large numbers of people," Pinon said. "We've found that law enforcement officials are already hungry for this sort of information, so we think we can really make a difference."

1 comment

Join the conversation!
Add your comment
so why can i still inject content onto mastercards website...?
It very nice of mastercard to go out and 'phite' 'phishing' scams for us all, but they have neglected to do anthing abou the fact thatwe can still inject content onto their own site!

You can see it done here:

<a class="jive-link-external" href="http://www.zapthedingbat.com/security/scriptinjection/" target="_newWindow">http://www.zapthedingbat.com/security/scriptinjection/</a>
Posted by (1 comment )
Reply Link Flag
 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.