FierceFinanceFierceFinanceITFierceComplianceIT   FierceCIO

Sophisticated phishing scheme busted

May 22, 2008 — 9:30am ET | By Jim Kim

The recent indictment of 38 individuals for running a phishing scheme that targets many banks and credit unions shines a light on the techniques that phishers now employ. It starts with spam that lures people to fake websites where personal data is input. According to Information Week, that data was harvested by suppliers who forwarded the it via chat to cashiers. The cashiers used credit card encoding devices to capture the data on the magnetic strips of various cards, with runners then using the cards at ATMs to make actual withdrawals. Millions were said to be stolen. This is the sort of thing that keeps banks up at night. There are many solutions out there, but the most aggressive are multi-prong. A good example is PayPal, among the most targeted of companies. Among other things, it intends to roll out better email authentication via the Sender Policy Framework (SPF) and DomainKeys, which would basically allow ISPs "to drop each email that isn't verified to be from PayPal," according to SC Magazine.  

For more:
- here's the Information Week article
- here's an SC Magazine article

Related Articles:
Can banks effectively use email?
Phishers get nabbed
Phishing attacks may hit your computer

SHARE WITH:
Email Twitter Facebook LinkedIn StumbleUpon
Get Your FREE FierceFinanceIT Email Newsletter:
Be the first to comment

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.