Sophos PhishAlert Spots ID Theft Bait Early

The enterprise anti-virus vendor is offering a new early-warning system for businesses struggling to cope with the sharp rise in phishing attacks.

Enterprise anti-virus vendor Sophos Plc. on Tuesday rolled out a new early-warning system for businesses struggling to cope with the sharp rise in phishing attacks.

With Sophos PhishAlert, the U.K.-based company is offering a service that proactively informs organizations of new phishing scams that target their customers.

PhishAlert comes just one month after Sophos rolled out ZombieAlert, a companion product that detects and reports on botnets running on an organization's network.

"The phishers are casting their nets wider and wider, and you have to act immediately to protect your customers. This is where an early-warning system becomes most valuable," said Sophos product marketing manager Korey Ferland.

Ferland's sales pitch is straightforward: "Any organization that has an online presence or does e-commerce should worry about phishing. The identities of their customers are being stolen, and it's affecting business."

In an interview with Ziff Davis Internet News, Ferland said the PhishAlert service will be powered by researchers at Sophos Labs, the company's network of virus and spam analysis scattered around the globe.

"We already have an infrastructure of spam traps and honeypots that monitor millions of spam messages every day. A lot of those are phishing attacks targeting specific financial institutions," Ferland said.

With labs located around the globe, he said PhishAlert would offer "follow-the-sun" notification of phishing attacks.

For $30,000 a year or $3,500 per month, PhishAlert will deliver e-mail alerts to businesses within five minutes of detection.

"Once we detect a phishing attempt in the lab, the affected business will get an immediate alert," Ferland said. "The biggest issue companies have with phishing attacks is they find out too late. By the time they can react, the damage has already been done."

In a phishing attack, internet scammers send e-mails purporting to be from a bank or e-commerce site asking the victim to update their personal accounts by entering confidential information into a fake Web site.

The fraudsters typically move from site to site in quick time and adopt sophisticated tactics to trick unsuspecting surfers into giving up private data that can be used for identity theft.

Ferland said PhishAlert will be marketed directly to financial institutions, government departments, e-commerce businesses and any organization that collects personal information electronically.

Included in the early-warning notification are e-mail samples of the phishing attack and additional information to help businesses respond quickly to attacks.

It also promises to identify fraudulent Web sites to users of the PhishAlert service, Ferland said.

According to statistics released by the Anti-Phishing Working Group, there were about 15,050 active phishing sites reported in June 2005, more than double the number reported in October 2004.

Sophos is not the only company offering phishing alert services for businesses. Symantec Corp.'s Brightmail, Netcraft Ltd., and Fraudwatch International market similar early-warning systems.
