It’s Not Legal to Phish
- By Ralph C. Jensen
- Apr 04, 2007
ONLINE retailers are now finding out how difficult it is to run a business, and the companies do have one trouble that a storefront may not experience. The businesses are targets of phishing attacks.
According to the AntiPhishing Working Group, more than “11 brands are phished per day.” The group also said “applications of password-stealing code” hit nearly 350 in December alone. These attacks target e-retail customers, since banks have become gradually sensitized to the risk, and thieves are looking elsewhere to steal customers’ credit card, bank account and retail account numbers and passwords through faux Web sites.
Phishing seems harmless at the start. It’s not. It begins with a fraudulent e-mail directed at a retail customer. The e-mail appears to come from the customer’s online vendor and contains a URL or Web site link. When the link is clicked on, the user is taken to a phish Web site and directs them to enter their account number, username, password or PIN.
This information is collected and placed in a database enabling criminals to use the customer’s identity to steal funds, commit fraud or otherwise attack the institution.
According to Kevin Prince, CSO of Perimeter eSecurity, there are 59 million phishing e-mails sent out worldwide each day. He also said attacks are becoming increasingly more personal because hackers will go to any length to make you think the e-mail or Web site they are presenting is real.
Fraudulent phishing and pharming sites need to be taken down immediately. This will stop further attacks and damage. Phishing is illegal. Don’t take the bait.
I’d like to hear your take on this damaging security breach. Feel free to e-mail me here at the office and we’ll talk about it.
About the Author
Ralph C. Jensen is the Publisher/Editor in chief of Security Today magazine.