So, starting a few months ago, Eckelberry began taking some time out of his day to take action. He would analyze the phishing e-mail and contact the owner of the site hosting the scam, typically a hacked Web site on a server somewhere in the U.S.
"I was very surprised to find out that, pretty much in all cases, I was the only person reporting the site," said Eckelberry, who is president of Clearwater, Fla.-based anti-spyware toolmaker Sunbelt Software. "You would think a lot of stuff like this goes on, but it actually doesn't."
Eckelberry's frustration was shared by Paul Laudanski of CastleCops, an online security community. The two joined forces and this week, Sunbelt and CastleCops are officially launching a volunteer group, dubbed the Phishing Incident Reporting and Termination squad, or PIRT.
In the round-the-clock PIRT operation, the volunteer "handlers" around the world take in reports from consumers of suspected phishing Web sites and work to take the sites offline. On Friday, before its official launch, the group received 100 phishing reports, and 30 of those were shut down in a few hours, Laudanski said.
"We want to give the average consumer a way to jump in and help," Eckelberry said. "It is a personal passion because I know my mom is the kind of person who will click on this phishing link, no matter how many times I warn her."
Phishing outline
Phishing is a prevalent type of online scam in which attackers attempt to steal sensitive data such as user names, passwords and credit card details. The attacks typically combine spam e-mail and fraudulent Web pages that look like legitimate sites. That spells easy money for criminals, who sell the data they steal or use it to buy goods for resale, for example.
There are already a couple of places people can report suspected Web sites. There are add-on toolbars or built-in features in Web browsers that let people click and submit a URL. If these check out, they're added to a blacklist used by the company that provides the toolbar. That means the phishing information can be scattered among different software providers.
Alternatively, scam e-mails can be submitted to the Anti-Phishing Working Group, which stores the information in a database used by makers of security software and others, but takes no further action. The APWG, an effort backed by security companies, financial services providers and others, includes Symantec, McAfee and Microsoft as sponsors.
Despite industry efforts, phishing is still on the rise, and experts predict that scams will become increasingly sophisticated. A record 9,715 phishing Web sites were spotted in January, according to an Anti-Phishing Working Group paper. The PIRT group aims to get consumers more involved in the phishing fight and bring down malicious sites more quickly.
The PIRT handlers, who must all have an established security track record, will analyze phishing e-mails and contact the host of the Web site, usually an Internet service provider, as well as the company whose customers are being targeted, Eckelberry said.
Additionally, the volunteers will share phishing reports with security companies, the Anti-Phishing Working Group and other efforts that exist to fight the scams, he said.
"We do not want to discount any of those efforts," Eckelberry said. "This is an additional layer to pick up any reports that were not submitted. We are seeing a large number of cases where phishing attacks are not reported."
Fighting fraud
Phishing hasn't gone unnoticed by the security industry. Companies such as MarkMonitor and RSA Security's Cyota take down phishing Web sites, but only for those that hurt paying customers of their antifraud services.
Industry efforts have reduced the average time a phishing Web site is online--five days in January 2006, compared with 6.1 days in July 2004, according to Anti-Phishing Working Group data. Still, some phishing Web sites were online for at least a month in both periods, according to the group.
PIRT hopes to be able to take down phishing Web sites in a matter of hours after receiving the report, Eckelberry and Laudanski said.

I was quite impressed by the reports from SpamCop, which parsed the site URL out of the spam message and automatically contacted the site abuse contact (the site received about 2000 hits and harvested about 80 credit card numbers, a quarter of them bogus. We got about 40 SpamCop reports plus maybe a dozen personal ones)
Let's say I was about to use an ATM machine and someone said the one over there has been compromised, showing me he reported it. I might at first say thanks and then ask him which ones are OK. Ahh, there's the trick online.
Crooks can spoof the site of a government agency and create a false sense of trust.
How do I know you are just a good citizen and not someone trying to trick me into trusting you? Yes, people should participate, but on a reportage level to official or industry reporting authorities, but there has to be cross checking since vigilantes are often crooks in disguise.
Or worse, there is a safe door and they advertise by false reportage that the safe door is unsafe keeping people vulnerable to their attacks.
Basically, the day of the Minuteman who heard a horn or a call and ran to the common defense is over. However, the history like in Switzerland where every house is armed is a better metaphor.
If people have a technology or a solution that relies upon their compliance and keeping their PINs and code secrets then that would be perfect, wouldn't it? Anyway, that's what I think. Ciao now. Janet.
- go neighborhood!
-
by alek_nedic
April 18, 2006 2:10 PM PDT
- http://www.analogstereo.com/vacuum/miele_parquetry.htm