Access your Pro+ Content below.
How to prevent phishing scams and protect customers
This article is part of the July 2004 issue of Information Security magazine
Phishing is no longer a nuisance crime. Sophisticated identity thieves are targeting customers of financial institutions and high-profile e-tailers in big numbers--and starting to get big results. Unlike spammers, phishers' messages aren't aimed at selling male enhancement drugs, cut-rate mortgages or porn. Rather, phishers use common spamming techniques to generate vast numbers of e-mails that lure customers to spoofed websites and trick them into giving up passwords, credit card numbers and other personal information. The problem has exploded since Earthlink issued its first warning a year ago. E-mail security provider Brightmail (recently acquired by Symantec) reported it detected 2.3 billion phishing messages in February alone. A study released by Gartner Research in May estimates that 76%of all known phishing attacks had occurred since last December. The Anti-Phishing Working Group (www.antiphishing.org), an industry association of more than 200 organizations, reported 1,125 unique phishing attacks in April, up from 402 in ...
Features in this issue
While physical security at the Olympics is paramount, information security for its vast IT network is also a major challenge.
USB tokens aren't as strong as you think. Multifactor authentication is meaningless when the supporting software is insecure.
Learn why setting comprehensive email acceptable use policies can help minimize email risks and secure your email applications.
Will intrusion prevention ever live up to its promise?
In this tip, Web security guru, Nalneesh Gaur examines how hackers are using phishing scams to exploit financial sectors of the industry, why you should care and what you can do to prevent these attacks.
Columns in this issue
Enterprise security managers need to think like warriors when it comes to protecting their systems. Lawrence Walsh explains why.