Phishing: Who’s Problem is it Anyway?
A MessageLab report on the increase in phishing is getting a lot of play: there are more phishing attacks than Trojan horse and worm attacks. This also looks like the inevitable response from attackers to improved security measures. Here’s one take on the story from IT Week:
The increase in phishing attacks is due to several factors. Firstly, virus attacks have become more targeted and are no longer occurring as one large outbreak. Secondly, online merchants have recently shifted toward deploying two-factor authentication methods which have given rise to ‘man-in-the-middle’ phishing sites.
But how big of a problem is phishing relative to other threats?
PayPal, a leading target for phishers, has bigger fraud headaches according to IT Week.
Michael Barrett, chief information security officer at PayPal, says the problem with phishing has more to do with perception than reality.‘Financially, phishing is not even in the top five of categories that we suffer from fraud–wise. But when you say you work for PayPal, people say: ‘Oh I get all these emails from you. What are you doing about that?’ People perceive that there is an issue, so there is an issue,’ he said.
Of course they don’t bear the full cost of the fraud. Consumers are the ones who have to monitor every transaction and clean up the mess of fraudulent activity on their accounts. Besides we’re the ones who are tired of reading about massive exposures of personal financial information and wondering when we’ll find an account has been compromised.
A comment to a blog post about the TJX disclosure complained that we shouldn’t criticized TJX because they were the victims of a crime. Actually, it was the 40 million account holders that were the victims.
Phishing is a big problem, I guess it’s just a question of who’s problem.
Email This!
Digg it!
Sphere it!
Del.icio.us
Reddit!
Newsvine
