MessageLabs, those hyperactive purveyors of Internet security, have come up with an anti-phishing service for banks and other targeted companies (Phishing is the scam whereby bogus emails entice you to give up your online banking password and other sensitive information), the first of its kind I do believe. It had been available to about 15 banks and is now available to everyone.
The service involves “real-time scanning, expert analysis and authentication, incident response and early notification of suspicious email activity”. The company uses Skeptic™ Radar (I’m not making this up) technology to scan millions of email messages to detect threats and anomalies. When a scam is identified, analysed and authenticated, the company notifies the targeted company and provides details of the attack. Companies are then able to work with law enforcement agencies to quickly and effectively shut down scammers. (It says here.)
MessageLabs says it has been able to alert “in-house IT staff to the problem before they knew of its existence”. In pilot cases it was able to close down fraudulent website within a couple of hours.
MessageLabs reckon about “20% of all recipients that receive phishing emails have been duped into providing user names, passwords and social security numbers”. That’s a very high figure; I’d heard 5%. I’ll try to find out where MessageLabs get it from.