WholeSecurity has introduced an anti-phishing aggregation service called the Phish Report Network, and said it signed up participants Microsoft, eBay, PayPal and Visa. The network allows any company being victimized by phishing attacks to immediately and securely report fraudulent Web sites to a central database operated by WholeSecurity. Other companies subscribing to the Phish Report Network can then access the database or receive real-time notifications of known phishing sites, enabling them to more effectively protect consumers by blocking these sites in their user-facing security applications.
As early as 2002, scammers began sending PayPal and eBay users hoax emails made to look as though they were coming from eBay and PayPal, attempting to trick users into revealing password, banking and credit card information. The problem has worsened, and other ecommerce and financial institutions as well as ISPs have become targets. The Anti-Phishing Working Group warned that phishing attack methods are becoming more sophisticated, such as incorporating malicious code into fraudulent Web sites, which could further victimize consumers.
Any company impacted by phishing sites or with the ability to protect end users can participate in the Phish Report Network, based on meeting qualification criteria and adherence to program standards.
