Spam Daily News | AOL announces new steps to combat phishing, identity theft

From Spam Daily News

What's New
AOL announces new steps to combat phishing, identity theft
Posted on October 05, 2005

AOL now blocking roughly 8 million phishing attempts per day.

America Online announced a range of aggressive new steps to help protect AOL members from "phishing" attacks -- the use of fraudulent e-mail and fake Web sites to gather sensitive personal information from users.

New partnerships with leading anti-phishing companies MarkMonitor and Cyveillance, and an expanded agreement with existing partner Cyota, now offer AOL members multiple layers of invisible protection against phishing attacks.

Among the strategies that AOL is now employing as a result of the new and expanded partnerships with those companies:

-- Early warning systems that check newly-registered domains to see if they mimic legitimate site names, indicating they may be used for phishing.

-- Web crawling systems that constantly explore the Web looking for suspicious sites that imitate the text or appearance of real sites.

-- URL analysis that checks more than a million suspicious URLs referred by AOL members each day to determine if they are phishing sites.

-- Take down efforts that work with system administrators and web hosting providers worldwide to remove known phishing sites from the Web.

-- Technical countermeasures that target fraudulent sites to help reduce the risk of personal information being gathered on those sites.

-- Round-the-clock blocking of member access to newly discovered phishing sites by AOL's security and mail operations teams.

This effort comes on top of AOL's existing efforts to protect members from phishing attacks by blocking millions of e-mails each day that contain links to known phishing sites before they reach a member's mailbox, as well as blocking member access to known phishing sites through the AOL client.

"The only difference between a phisher and a mugger is that a phisher uses a keyboard and not a gun," said Tatiana Platt, AOL Senior Vice President and Chief Trust Officer. "Phishing and identity theft crimes cost consumers billions of dollars each year, and we will do everything in our power to protect our members from the online criminals who would prey on them. We are proud to be teaming up with the world's best cyber security firms to add these extra layers of protection for our members."

To help identify potential phishing sites, AOL uses member feedback through the millions of e-mails referred via the "Report Spam" button, as well as input from a range of other internal and external sources. When a phishing site is identified, AOL works to block incoming e-mails containing the URL to that site, as well as limiting access to the site through the AOL software. In addition to fraudulent web sites that attempt to spoof pages of the AOL service, AOL also works to protect members from scam sites that imitate other legitimate companies such as banks, credit card issuers, online auctions, and online payment facilitators.
SOURCE: AOL