Fighting Phishing
http://www.pcmag.com/print_article/0,3048,a=114170,00.asp
December 8, 2003
By Sebastian Rupley

Phishing, e-mail and Web-based efforts by online scammers to hijack personal information from unsuspecting users, faces a new obstacle. A group of global banks and technology companies have joined forces to fight the scams. The group is running a Web site, Anti-Phishing.Org (www.antiphishing.org <http://www.antiphishing.org>), where those who have received phishing messages can report them, and personnel will follow up by trying to track down the originators of the scams.

Tumbleweed Communications started the Anti-Phishing.Org effort with the participation of a number of banks (the majority of phishing e-mails appear to come from financial institutions), but the list of partners now includes many technology companies. Bank of America and Wells Fargo were among some of the early banks to form partnerships with Anti-Phishing.Org, says Dave Jevans, senior vice-president of marketing at Tumbleweed Communications.

"We're putting an infrastructure in place so there will be people who can respond to phishing reports in a timely fashion," says Jevans. "That's critical because the Web sites designed for collecting personal information in phishing attacks are often only in place for a day or two."

Following his interview with PC Magazine, Jevans forwarded an example of a current phishing attack that the Anti-Phishing.Org team was tracing on Monday morning. The e-mail in question appeared to come from UK bank NatWest, and asked for personal account information to be provided at a Web address. Anti-Phishing.Org personnel were able to track the IP address the e-mail was sent from, and although officials think the e-mail originated in Europe, the IP address of the message turned out to be for a computer in San Francisco.
Anti-Phishing.Org officials, with the help of Pacific Bell, turned up the name and street address for the owner of the computer immediately after the phishing message had been sent. Clearly, though, the message was spoofed, relayed from a hijacked computer, making the true origin hard to trace. "The owner of the computer probably had no idea he'd been hacked," says Jevans.

The Anti-Phishing.Org team is currently tracing about 20 reports of phishing attacks, according to Jevans. "It's very hard to put real numbers on the damages companies are suffering because of phishing," he adds. "Part of that is because the major banks don't want to divulge the amount of losses they're seeing for fear that it will damage their online banking businesses. But just to give one rough example, a major Australian bank has put several million dollars in reserve since August to cover damages from phishing."

Phishing attacks can appear to come from places other than financial institutions <http://www.eweek.com/article2/0,4149,1401000,00.asp>, though. As PC Magazine reported on December 3 <http://www.pcmag.com/article2/0,4149,1402431,00.asp>, the magazine's editors received a phishing message purportedly sent by eBay, complete with a very official-looking eBay logo and header. That attack was followed up by another official-looking message received by a contributor to the magazine in which the message appeared to be from Visa. Jevans was aware of the Visa scam making the rounds.

One of the primary rules in avoiding being a victim of phishing is to never respond to e-mail requests for personal and financial information. Jevans says it's no surprise that phishing messages often appear to be very official-looking communications from big companies and are increasingly well edited. "The people behind these attacks are getting smarter," he says, "because they realize there's something to this now. There's money."

Copyright (c) 2003 Ziff Davis Media Inc. All Rights Reserved.