logo
Published on FierceFinanceIT (http://www.fiercefinanceit.com)

Sophisticated phishing scheme busted

By Jim Kim
Created May 24 2008 - 8:36am

The recent indictment of 38 individuals for running a phishing scheme that targets many banks and credit unions shines a light on the techniques that phishers now employ. It starts with spam that lures people to fake websites, where personal date is input. According to Information Week, that data was harvested by suppliers who forwarded the data via chat to cashiers. These cashiers used credit card encoding devices to capture the data on the magnetic strips of various cards. Runners then used the cards at ATMs to make actual withdrawals. Millions of dollars were said to be stolen. This is the sort of thing that keeps banks up at night. There are many solutions out there. The most aggressive are multi-prong. A good example is PayPal, one of the most targeted companies. Among other things, it intends to roll out better email authentication via the Sender Policy Framework (SPF) and DomainKeys, which would allow ISPs "to drop each email that isn't verified to be from PayPal," according to SC Magazine.  

For more:
- here's the Information Week article [1]
- here's an SC Magazine article [2]

Source URL:
http://www.fiercefinanceit.com/story/sophisticated-phishing-scheme-busted/2008-05-24

Links:
[1] http://www.informationweek.com/news/security/client/showArticle.jhtml?articleID=207801060
[2] http://www.scmagazineus.com/Winning-against-the-phishing-assault/article/109548/