Industry Leaders Build PhishNet to Stop Identify Theft

International law enforcement and numerous industry leaders have joined forces to fight the growing problem of “phishing” scams. Digital PhishNet is a collaborative enforcement program designed to forestall socially engineered attacks executed via e-mail, which steal consumers site passwords, credit card numbers and other personally identifiable information that relates to identity theft.

The program catches phish by tracing the origins of deceptive e-mails and phony Web sites in real time, then by passing that information on to law enforcement.

The most common modus operandi for phishing schemes is to send out spam from falsified e-mail addressed linked to imposter Web sites that replicate the look and feel of legitimate businesses. It is common for the e-mails to ask consumers to “update their account information,” when in reality, they are baiting users for identity theft.

Phishers have become more insidious as they grow proficient at their craft; in rare instances some have even found ways to host spoofed sites on official domains by hacking insecure Web servers. Others install spyware or viruses on their marks machine to monitor their online activity and otherwise harm their systems.

Digital PhishNet draws together leaders in technology, banking, financial services, and online auctioneering to establish a direct line of communication with law enforcement. When industry sleuths pass on aggregated data, it is dispersed to the appropriate officials in federal, state and local agencies so that cyber criminals can be identified and ultimately apprehended.

/zimages/2/28571.gifRead the full story on BetaNews: Industry Leaders Build PhishNet to Stop Identify Theft

/zimages/2/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.