April 20, 2005
By Marshall Lager, founder and managing principal, Third Idea Consulting; contributor, CRM magazine

AOL Tightens Its Phishing Net

America Online is taking a series of steps to combat phishing by partnering with Cyota, a developer of antifraud products and services for the financial sector, to provide early warning and aggressive response to phishing attacks. As part of the campaign Cyota will provide AOL with the services of its Anti-Fraud Command Center, a 24/7 monitoring operation in North America, Europe, and Asia-Pacific that scans more than 1 billion emails a day for indications of phishing. According to Cyota CEO Naftali Bennett, attacks can be defeated minutes after they begin in some cases, limiting potential damage to handfuls of consumers. This initiative comes in response to a sea change in the fraudster community. "Over the past 16 months or so, the source of phishing emails has moved away from teens and amateurs who have learned how to write a little HTML code," Bennett says. "More often, these attacks are tied to organized crime." Individuals and small-fraud rings still scam people to use their financial and identity assets for their own purposes, he says, but larger operations gather massed data and sell it to other organizations, much as a company might sell its contact list. "This makes it harder to track the ultimate usage of stolen information," Bennett says. "If the attack happens in January, the information might not be used for fraud until July, when the consumer has forgotten the incident and the data has changed hands several times." Cyota's Anti-Fraud Command Center scans emails for tell-tale signs of phishing and notes trends like usage spikes and suspicious subjects sent in bulk. After checking with the possibly impersonated institution to be sure the mailing isn't a legitimate marketing effort, the command center notifies partners and Internet service providers so they can block the messages from ever reaching consumer victims. Further action may include tracking the source to shut it down and prosecute the originators, or flooding the attacker with worthless information. The command center has detected and tracked attacks originating in 65 countries from Latvia to South Korea, and has stopped tens of thousands of attacks to date, according to Bennett. He believes phishing fraud is growing so fast for three reasons. "Phishing is easy, it typically carries a very low risk of being caught, and has the potential for high rewards--these are the prime motives for crime," he says. By addressing all three motives through early detection, tracking of sources and devaluing the returns by flooding attackers with useless customer data, Cyota hopes to make phishing no longer a profitable enterprise, Bennett says. "Imagine selling a list of bogus account data to Tony Soprano." Related articles: Taking Bank Vaults Online

Wireless Conference Highlights Security and Opportunity Consumers May Face Increased Risk of Identity Theft

Free

for qualified subscribers

Subscribe Now Current Issue Past Issues

AOL Tightens Its Phishing Net

Contact Center Transformation with AI and Automation

Digital-First Customer Service in a Human World

Top 6 2024 Customer Experience Megatrends – What to Prioritize Now

More

Let's Get CX AI Ready: Shoot for 3 Practical Ways to Score CX Points

Beyond ChatGPT: Navigating the New Era of CX AI

CDPs: Boosting Service, Marketing, and Sales

Contact Center Transformation with AI and Automation

How AI-Assisted Self-Service Can Transform Your CX

More Web Events

Not All AI Copilots Are Created Equal

Designing Your AI-Ready Business

CX Innovation at Scale: Maximize Business Success by Using AI to Futureproof Your CX Activities

More