Cyota, the leading provider of anti-fraud and online security solutions for financial institutions, announced today that it has successfully deployed the world's first solution designed to fight "pharming", also known as DNS Poisoning, a new type of online fraud attack.
The new solution enhances Cyota's FraudAction service, the banking industry's first anti-phishing solution, which is currently in use by dozens of global financial institutions.
Thirteen of Cyota's existing anti-phishing clients have already deployed the anti-pharming solution over the past eight weeks, including one major British bank, two large US banks, three US-based credit unions and several major global banks.
Cyota announced its Fraud Action service in January 2004, and the UK was the first market to deploy this type of solution. Today, the company operates a local data center out of London and serves four of the top five banks in the UK with its array of anti fraud services.
Based on its experience and expansive viewpoint of the global phishing and online fraud situation, Cyota was first asked by its customers to enhance its anti-phishing offering to include pharming back in August 2004. When deployed successfully, pharming (and specifically DNS Poisoning or DNS Spoofing) is extremely harmful and inflicts far more damage than a standard phishing attack. When online banking customers type in their bank's URL, a pharming attack redirects them to a spoofed Web site - an exact replica of the real bank site - where fraudsters simply "harvest" personal credentials in mass numbers.
Cyota's anti-pharming system constantly scans the internet looking for potential pharming attacks. The system alerts Cyota's 24x7 Anti-Fraud Command Center (AFCC) in suspicious cases, and each attack is then qualified by a Cyota fraud analyst. Cyota's AFCC has over 24 months experience dealing with phishing attacks and other online fraud incidents. Once a pharming attack is identified, the AFCC handles the attack similar to a phishing attack - it analyzes the attack, proactively shuts down the spoofed site, conducts forensics, deploys technical counter-measures and reports the results to the bank. To date, Cyota's AFCC has shut down more than 7,000 spoofed sites in 65 countries, and lowered the typical lifespan of an attack to five hours from an industry average of six days.
"Online fraud and phishing are evolving, and new types of threats such as pharming are surfacing at a rapid pace," stated Amir Orad, executive vice president of marketing at Cyota. "Cyota continues to innovate and develop new features and products dealing with online fraud; we are determined to evolve as fast as the fraudsters, and always stay one step ahead. With Cyota's anti-pharming and anti-phishing service, our clients are protected by the most comprehensive anti-fraud system in the world."
Additional Cyota anti-fraud and online security solutions include Cyota eSphinx, Cyota's invisible two-factor authentication for online banking;; Cyota eVision, an online banking anti-fraud and risk management system; and Cyota SecureSuite e-commerce authentication products supporting Verified by Visa and MasterCard SecureCode.