Michael Barrett, Chief Information Security Officer at PayPal, says phishing is not an unsolvable problem. He and colleague Dan Levy have written a white paper called "A Practical Approach to Managing Phishing" that was published on Thursday in conjunction with the RSA security conference.
The paper outlines PayPal's historic approach to managing phishing and urges the Information Security industry to work together. Barrett wrote in a PayPal Blog post on Thursday that the company's strategy had focused on preventing financial loss to customer accounts, but that it realized that there was a holistic dimension: "how do we prevent phishmail from getting to our customers in the first place?" The paper explains the approach PayPal has taken to do just that. The paper concludes:
There's clearly no "silver bullet" which will deal with phishing. Rather, we've made a credible case that
a multi-layered strategy, such as the one we've laid out, can in fact make a significant difference in
dealing with the crime. We encourage the rest of the industry to evaluate their anti-fraud efforts and
adopt a fraud prevention strategy along these lines. As the old adage goes, "united we stand; divided we fall."
The white paper available for download in PDF format through a link in the blog post.
Michael Barrett, Chief Information Security Officer at PayPal, says phishing is not an unsolvable problem. He and colleague Dan Levy have written a white paper called "A Practical Approach to Managing Phishing" that was published on Thursday in conjunction with the RSA security conference. 
