Click to return to BOL home page
Banker Store BOL Vendor Connect BOL Career Connect BOL Learning Connect Bankers Information Network
Home Compliance Lending Operations Security Marketing Technology/eBanking
Top Stories Bankers' Threads Background Check CrimeDex Em@il Education ID Verification Record Retention
 


MAIN CONTENT 
Compliance

    Agency Road Maps

    Alphabet Soup

    Compliance Tools

    FACTA/FCRA

    OFAC

Lending

    Article 9

    FACTA/FCRA

    HMDA Heaven

    Lending Tools

    SCRA

Marketing

Operations

    Check 21

    Disaster Updates

    Disaster Recovery

    HR Corner

    IRA Season

    Money Matters

    Operations Tools

    SARResearchGuide

Security

    AML/BSA

    Bank Robbery

    Counterfeits

    ID Fraud/Phishing

    Security Tools

Technology/eBanking

    Disaster Updates

    Disaster Recovery

    Info Security


SPECIAL AREAS 
BOL Archives

BOL Blogs

Briefing Archive

Calendar

Court Watch

Disaster Issuances

Em@il Education

Examiner's Corner

Executive Briefing

Infovault

Launch Pad

Lessons Learned

Monthly Roundup

Risk Management

Site Map

Site Orientation

Top Stories


~ ~ ~
SERVICES 
Background Check
BOL Conferencing

CrimeDex

Em@il Education

ID Verification

Record Retention


~ ~ ~
SHOP 

Banker Store
Bankers Info Ntwk
Books
Vendor Connect

CONNECT 

Career Connect

Learning Connect

Vendor Connect

Guru Central

INTERACT 

Ask a Guru
Bankers Threads

Contact Us

Give Us Feedback


TOOLS 

60 Second Solutions

Alphabet Soup

Banker Tools

BOL Forms

FUN 

Banker Humor

Banker Memories

BOL Recipes

eCard Exchange

LEARN MORE 

About Advertising
About Our Sponsors
About Us


Print Friendly! Email This Article! Discuss NOW!


A Way to Stop Phishing at the Pier
by Barbara Hurst, BOL Guru
Guru Bios

Given the speed that phishing attacks change addresses and schemes, the current company IT practice of guarding against those attacks by using black lists simply can't keep up. But companies now have a new weapon they can offer customers or use to guard employees against those attacks. The tool can prescreen web sites through a user's browser and based on a number of risk factors, warn the user and even stop them temporarily from accessing a spoofed site.

eBay has tested and is now offering a version of one such tool - Web Caller ID - free to its customers. The user-friendly technology, which eBay calls Account Guard, is downloaded by customers, who don't see its effects until an attack occurs and the customer prepares to respond. With the new technology, when someone sends one of the fake emails that link to legitimate-looking web sites, the customer's browser analyzes the site before it actually goes there and detects factors such as whether the domain name was recently registered, how deep the web site is, whether an IP address is at the beginning of the URL, what the site's page history is, and other characteristics common to phishing sites. It then alerts the user and can be configured to require them to proactively decide to go to the web page despite warnings.

Meanwhile, spoof sites are reported back to the company that offers the service, allowing those companies to take immediate action. According to the company that offers the tool - WholeSecurity - it is 98 percent accurate in identifying spoofs and a fraction of a percent false-positive.

Copyright © 2004 Bankers' Hotline. Originally appeared in Bankers' Hotline, Vol. 14, No. 07, 10/04



Print Friendly! Email This Article! Discuss NOW!


Privacy Policy    Disclaimer   Recommend This Site !   Contact Us


BankersOnline is a free service made possible by the generous support of our advertisers and sponsors. Advertisers and sponsors are not responsible for site content. Please help us keep BankersOnline FREE to all banking professionals. Support our advertisers and sponsors by clicking through to learn more about their products and services.