Evading Phishers Hooks
Strong authentication is needed to blunt "phisher's" hooks.Do you know what "phisher" fraud is? if you dont, you should. In phisher fraud, a prankster copies a Web site, hosts it on his or her domain, then sends convincing spamwhich appears to be authored by the real owner of the siteto millions of users requesting they return to the hijacked site to "secure your account." At the masquerading site, a victim faces a branded page requesting such information as user ID, password, credit card number and expiration date, and Social Security number. Unwittingly, a number of victims have given up their private access information to criminals. If youre a retailer and struck by phisher fraud, its bad. Youve got accounts creating mischief, and you and the credit card companies have an exposure. If youre the account holder, its a hassle, and youll have some fraudulent charges to deal with. However, if a bank gets stung, the life savings of a customer could be at risk. With just a user name and password, theres typically no limit to the size of a check or a transfer that a culprit can create online.
This type of scam will only get worse unless we change the way we access the Internet. The solution is strong, multifactor authentication. This kind of authentication is not new; it can prevent prank phone calls from being made from cell phones, and it helps keep ATMs from attack by pranksters.