|
Auctionbytes-NewsFlash, Number 707 - February 25, 2004 - ISSN 1539-5065
Previous Story |
| Next Story
Former PayPal CEO Creates Solution to Hoax-Email Scams
By Ina Steiner
AuctionBytes.com
February 25, 2004
|
PassMark Security introduced a new online security solution that addresses hoax email (or "phishing") scams. The PassMarks works by showing customers a personalized image when they log in to a Web site – before asking for a password.
Since a fake Web site will not know the customer's PassMark, it's safe for the customer to enter his password once he sees his PassMark. And PassMarks can also be used to authenticate outgoing email from the bank to the customer. PassMarks require no software or hardware to be installed on the user's computer.
Bill Harris, former CEO of Intuit and PayPal, is founder and chairman of PassMark Security. "A Web site can automatically assign a PassMark to each user from a vast library of standard images, or the user can select or upload his own," Harris said. "I use a picture of my son."
Here's how phishing scams work: A fraudster creates a fake email that looks like it's from a bank and sends it to thousands of the bank's customers. Customers who click on the links in the fake email are taken to a fake Web site, which looks like the bank's web site but is run by the fraudster. Once a customer enters his password into the fake Web site, the fraudster can use that password to gain entry into the customer's real accounts at the real bank Web site. And he can steal real money. Phishing attacks have been launched against most of the major financial institutions and e-commerce sites around the globe, including eBay, Citibank, AOL, Bank One, PayPal, Barclays, Visa and the FDIC.
The Anti-Phishing Working Group reports that the number of phishing attacks increased by 50 percent just between December and January, when an estimated 100 million phishing emails were sent to Internet users.
http://www.passmarksecurity.com
In related news, eBay this week announced its new Toolbar with "Account Guard" to detect spoof Web sites. The Toolbar will display a visual indication when users are on a verified eBay or PayPal Web site, warns users when they may be entering their eBay passwords into an unverified site, and has a spoof reporting feature. eBay reminded users in the announcement that it will never link to a download page through an email, and members should never click on a link in an email that asks them to download the toolbar.
http://www.ebay.com/ebay_toolbar
|
Email this story to a friend.
Previous Story |
| Next Story
Related Stories
Identity Theft Up Nearly 80 Percent, Gets National Attention - July 22, 2003, Issue #579
Amazon.com Files Lawsuit to Combat Email Forgeries - August 27, 2003, Issue #598
Hoax Emailers Broaden Attempts to Steal Identities - September 15, 2003, Issue #608
eBay to Launch New Sign-In Function for Increased Security - November 18, 2003, Issue #649
Scammers Go Phishing on Amazon.com - January 16, 2004, Issue #683
Update: PayPal Payment Wizard Raises Phishing Concerns - February 06, 2004, Issue #696
Scammers Impersonate UPS in New Twist on eBay 'Fake Escrow' Fraud - February 12, 2004, Issue #699
eBay: Scammers Obtained Customer Data from PayPal Merchants - March 15, 2004, Issue #718
eBay Hoax Email Alert: Win a Great Prize - April 06, 2004, Issue #733
New Hoax: 'Donate $1 and pay no more eBay fees for 2004' - April 28, 2004, Issue #749
eBay Users Plagued by Hoax Email 'Phishing' Attacks - July 20, 2004, Issue #809
eBay Signs up for Phish Report Network - February 15, 2005, Issue #954
Phishers Use New Bait to Trick eBay Users - March 04, 2005, Issue #967
Ten-Cent Listing Day on eBay Is a Fraud - July 26, 2005, Issue #1071
PayPal Launches Identity-Protection Resources - August 02, 2005, Issue #1076
Auction Software FAQ: How can I tell if I'm being phished? - November 06, 2005, Issue #154
|
Discuss this story in our forums.
|
