US task force trawls for phishers
10 December 2004 | 6041 views | 0
A coalition of US banks, ISPs, technology firms and federal law enforcement agencies have launched Digital PhishNet, the latest effort to tackle online phishing scams.
The group includes companies such as Microsoft, America Online, VeriSign and EarthLink as well as law enforcement agencies including the FBI, the Secret Service and the US Postal Inspection Service. A statement issued by Microsoft says the consortium includes nine US banks, four ISPs and five digital commerce and technology companies.
The anti-phishing group says the initiative will establish a single line of communication between the industry and law enforcement, so critical data to fight phishing can be compiled and provided in real time.
Dan Larkin, unit chief at the FBI's Internet Crime Complaint Centre (IC3), says: "Phishers create and dismantle these phony sites very, very fast, stockpiling credit card numbers, passcodes and other personal financial information over the course of just a couple of days, in order to avoid detection.
"Digital PhishNet is a powerful response to this type of online fraud because it facilitates critical data collection between a large number of the targets of these crimes - those who are on the front lines of the fight against phishing - and establishes a pipeline directly to law enforcement, in real time, before the phisher has had time to disappear back into the anonymity of cyberspace."
Bank of China and the Industrial and Commercial Bank of China have become the latest firms to be targeted by hackers. According to a report by Reuters, both banks identified spoof Web sites which were reported to the police.
The report says an account holder at Bank of China appeared to have lost over 20,000 yuan as a result of the online scam, but police were still investigating the case. The Industrial and Commercial Bank of China says its has also identified a fake Web site that invited customers to register account details, although nobody has claimed to have lost any money.
In Europe, Danish security research firm Secunia has also warned a flaw in popular browsers that could allow hackers to launch phishing attacks from pop-windows on legitimate Web sites.
Secunia says the "vulnerability" which is present in a number of popular browsers would enable hackers to "hi-jack" pop-up windows on trusted Web sites and change the content.