IoT
Business & Finance
News
5/10/2005
01:19 PM
50%
50%
RELATED EVENTS
File Sharing can be Risky to your Business - Is Your Company at Risk?
May 12, 2016
According to Secure Sharing of Intellectual Property, a January 2016 commissioned study conducted ...Read More>>

MasterCard Shuts Down 1,400 Phishing Sites

But the number of phishing sites continued to grow by 26% per month between July and February.

MasterCard International Inc. said Tuesday that it has shut down nearly 1,400 phishing sites and more than 750 sites suspected of selling illegal credit-card information since launching an ID-theft-prevention program in June. The program also has led to the discovery and protection of more than 35,000 MasterCard account numbers that were in jeopardy of being compromised.

Under the program, called Stop It, MasterCard is collaborating with digital-asset-protection company NameProtect Inc. to detect online scams in real time as they proliferate across the Internet. NameProtect employs Internet detection technology and systems to continuously monitor domain names, Web pages, online discussions, spam E-mail, and other online formats to identify online trading rings, phishing attacks, and other forms of fraud the moment each attack is launched online.

NameProtect provides real-time exclusive reports to MasterCard. MasterCard, in turn, reports illegal Web sites and other illegal online forums to law enforcement and alerts financial-services institutions.

The number of phishing sites grew by an average of 26% per month between July and February, reaching 2,625, according to the Anti-Phishing Working Group. The average lifetime for a phishing site was 5.7 days in February, but some stayed in operation as long as 30 days.

Last week, MasterCard succeeded in shutting down a phishing site within 15 minutes, says Sergio Pinon, senior VP of security and risk services. Typically, ID-theft rings will move their operations to other Internet service providers but give up after they've been shut down two or three times, Pinon says.

The rapid response to phishing has helped law-enforcement officials break up fraud rings. In October, the U.S. Secret Service collared 27 computer and credit-card scam artists following an investigation; the probe significantly disrupted cybercriminals targeting the U.S. financial infrastructure, according to MasterCard.

One of the newer forms of ID theft is "pharming," also known as DNS (domain name system) poisoning, in which victims are directed to a spoofed Web site that's an exact replica of the real site, where thieves harvest large volumes of personal information.

Cyota Inc., an anti-fraud software provider for financial institutions, on Tuesday added an anti-pharming feature to its FraudAction anti-phishing product. Thirteen of Cyota's banking clients, including two large U.S. banks, have deployed the anti-pharming software over the past eight weeks. The system scans for potential pharming attacks and alerts Cyota's Anti-Fraud Command Center. Once an attack is identified, the center proactively shuts down the spoofed site, conducts forensics, and deploys technical countermeasures. To date, Cyota has shut down more than 7,000 spoofed sites in 65 countries and lowered the lifespan of an attack to five hours from six days.

"Pharming represents a much more insidious form of attack than phishing, because there's no action required on the part of the user," says Chris Voice, VP of technology at security software firm Entrust Inc. Efforts to track and shut down phishing sites, he says, combined with strong authentication software to prevent keylogging and spyware, represent the best hope for restoring online trust.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for InformationWeek Newsletters
White Papers
Current Issue
2016 InformationWeek Elite 100
Our 28th annual ranking of the leading US users of business technology.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of April 24, 2016. We'll be talking with the InformationWeek.com editors and correspondents who brought you the top stories of the week!
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.