In a major initiative to combat the growing threat of identity theft scams, AOL announced it will begin to work internally and with partners to identify and block member access to phishing sites. AOL says the blocks affect only dangerous sites, and will not be extended to censor questionable content.
The move will be the first time AOL has made a concerted effort to prevent its members from reaching the dark corners of the Web. The company previously only blocked small numbers of sites on an “ad hoc basis” based on “internal referrals during work hours,” a company spokesperson told BetaNews.
Phishing is the designation given to a class of socially engineered attacks—generally carried out like spam via e-mail—that steal consumers passwords, credit card numbers and other personally identifiable information. Very often these scams look like genuine e-mails from companies such as PayPal and eBay.
To keep its users protected from phishing, AOL is joining forces with Cyota, an anti-fraud and security solution provider for financial institutions. When a site is blocked, any AOL member who tries to visit the page will encounter a notice explaining the danger.
“This system functions like a 24-hour-a-day phishing SWAT team, using a variety of sources to try to identify and block phishing sites around the clock,” AOL spokesperson Andrew Weinstein explained to BetaNews. “So, if an attack is identified at 4am, we will try to block it before our members have their first cup of coffee and check their morning e-mail.”
AOL downplayed concerns that such blocking could open the door for censoring content the company deems inappropriate, saying phishing sites do not fall into a grey area.