New "blacklisting" features incorporated in the latest Firefox 2.0 and IE 7.0 browsers are failing to curb the rise of phishing. The anti-phishing features are failing in the face of new phishing domains being registered by criminals as a workaround to the blacklists.
"Registering a new domain for each phishing attack offers the criminal several hours to steal information between sending out the messages and the site being added to the blacklist." Says David Jevans, chairman of the Anti-Phishing Working Group (APWG), and chief executive at security firm IronKey.
Read the full article @ vnunet.com.
Phishing is the act of duping users into divulging sensitive information (like credit card numbers and social security numbers) via disguised e-mails, Web sites, etc. McAfee recently released an update to its Top Ten Security threats for 2007 that points to an astounding 748% increase in phishing Web sites.
User-ignorance on phishing is one reason why it continues to be a serious threat. Experts like Jevans propose that an effective model would be one that authenticates e-mails and Web sites, a system that would require major collaboration from ISPs, software vendors, and hosting services.
Considering the threat to information security and bandwidth wastage, is it not high time that organizations collaborated on a major initiative that would work in real-time? Join the discussion.