AOL Toughens Campaign Against Phishers

The online service will start around-the-clock searches for Web sites looking to fleece subscribers and will join forces with a security firm specializing in uncovering scam sites in the financial industry.

Antone Gonsalves, Contributor

April 20, 2005

2 Min Read
InformationWeek logo in a gray background | InformationWeek

America Online Inc. on Wednesday boosted its weaponry against phishers by starting around-the-clock searches for websites looking to fleece subscribers and joining forces with a security firm specializing in uncovering scam sites in the financial industry.

The Dulles, Va. portal said its latest efforts launched a major campaign against phishing, which is the use of emails disguised as coming from banks or other companies to lure people to bogus sites that seek credit-card numbers, PINs, and passwords to online banking and other personal information.

"This is a significant expansion of what was once a more ad hoc process," AOL spokesman Andrew Weinstein said. "This raises the intensity with which we are identifying and locating (phishing) sites."

Phishing has become one of the top security threats on the Internet today. The average monthly growth rate of phishing sites from July 2004 to February of this year has been 26 percent, according to the Anti-Phishing Working Group.

Security firm Symantec Corp., for example, reported that it blocked 33 million phishing emails per week in December 2004, up from 9 million in July 2004.

AOL, a subsidiary of Time Warner Inc., has partnered with New York-based Cyota Inc. in identifying and blocking access to suspected phishing sites through a 24-hour, 7-day-a-week monitoring process.

AOL gathers information on suspected sites through reports from its millions of subscribers and its own internal investigations. Cyota gathers information from its more than 350 million accountholders worldwide. The company provides anti-fraud and security systems to eight of the 12 largest banks in the United States and the United Kingdom, as well as financial institutions in other countries.

The AOL client blocks access to fraudulent sites, and then notifies subscribers that they are trying to access a dangerous spot on the web. The subscriber must be using the AOL client in order to take advantage of the service.

Besides the effort announced Wednesday, AOL uses its anti-spam technology to block phishing emails from entering subscribers' inboxes. Other security measures include alerts that notify members of unusual account activity on their registered bank accounts or credit cards, a sign that they may be victims of phishers.

AOL plans to add to its anti-phishing arsenal later this year with more partnerships, technology, and possible legal action against suspected phishers, Weinstein said.

"This is all part of a comprehensive campaign against the criminals trying to prey on our members," Weinstein said.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights