Sign Up: Free Daily Tech E-letter  
Technology Home
Washtech
Tech Policy
Government IT
Markets
Columnists
Personal Tech
Special Reports
   -Biotech
   -Google
   -Telecom
   -MCI
   -Spam
   -Venture Capital
   -Software
   -Hardware
   -Media
   -Internet
   -Privacy
   -Microsoft
   -Tech Layoffs
   -Tech Thursday
Jobs

Advertisement
Company Postings
Get Quotes
Press Releases
Tech Almanac

Feds, Private Groups to Educate Consumers About 'Phishing' Scams

Advertisement


_____Spam In The News_____
Loan Spam Leads an Inbox Influx (The Washington Post, Jul 10, 2004)
AOL Employee Charged in Theft Of Screen Names (The Washington Post, Jun 24, 2004)
Largest ISPs Attack 'Zombies' (The Washington Post, Jun 23, 2004)
More Spam News
_____Cybercrime Headlines_____
Bush Signs Identity Theft Bill (washingtonpost.com, Jul 15, 2004)
Al Qaeda Messages Posted on U.S. Server (washingtonpost.com, Jul 13, 2004)
Senate Bill Targets 'Phishers' (washingtonpost.com, Jul 12, 2004)
More Cybercrime Headlines
___Tech Policy/Security E-letter___
Written by washingtonpost.com's tech policy team, the e-mail version of this weekly feature includes an original news article and links to policy and cyber-security stories from the previous week.
Click Here for Free Sign-up
Read E-letter Archive


E-Mail This Article
Print This Article
Permission to Republish
By David McGuire
washingtonpost.com Staff Writer
Thursday, June 17, 2004; 4:47 PM

The federal government and some of the nation's leading consumer organizations and financial institutions today kicked off a campaign to educate consumers about the growing threat posed by "phishing," a sophisticated form of identity theft conducted via e-mail and counterfeit Web sites.

Visa USA, the Federal Trade Commission, the Better Business Bureau and the other coalition members said they plan to work together to teach consumers how to avoid phishing scams and to report suspicious e-mail to authorities.

Phishing scams are designed to trick computer users into divulging sensitive personal and financial information. The Anti-Phishing Working Group reported recently that the number of unique phishing scams making their way around the Internet rose 180 percent from March to April of this year.

A typical phishing scam starts with an e-mail disguised to look like it's coming from a respected bank, credit card provider or online retailer. The message often warns the recipient that certain account information has lapsed and provides a link to an official-looking Web site where a user can "update" such information as Social Security numbers, birth dates, and credit card accounts.

"The advice to consumers is simple: Don't click on the link. If you do, you may be the catch of the day," said Howard Beales, director of the Federal Trade Commission's Bureau of Consumer Protection. Beales joined other coalition members today at a press conference in Washington.

The FTC today also announced that it had settled cases against a pair of identity thieves -- Zachary Hill, 20, of Houston and an unnamed minor from New York -- who had colluded to send phishing spam. Hill also faces a possible 46 months in prison under criminal charges brought by the Justice Department.

The combination of law enforcement and public outreach is needed to tackle phishing, said Wayne Abernathy, the assistant secretary for financial institutions at the Treasury Department. "We cannot solve this problem with education alone, but we cannot fight this problem without education."

As part of the new campaign, Visa will be providing brochures about phishing and other forms of identity theft to the banks that issue its cards and recommend that the banks include the information in monthly bills sent to their customers. All of the members of the coalition will also provide links to anti-phishing information on their Web sites. Call for Action, an international clearinghouse for consumer information, is also providing a free identity theft hotline (1-866-ID-HOTLINE) partially funded by a grant from Visa.

Beales encouraged Americans to forward any suspicious e-mail messages to the FTC at uce@ftc.gov. Such information is valuable, he said, because it helps investigators track scam artists, many of whom change their Web site locations and e-mail addresses frequently in an effort to frustrate law enforcement officials. Consumers can also send suspicious mail relating to their visa cards to phishing@visa.com.

Neither the FTC nor Visa keep statistics on how much money consumers have lost to phishing scams, but identity theft topped the list of consumer complaints to the FTC in 2003 and Internet scams accounted for more than half of all fraud complaints. In a 2003 study, the FTC found that 9.9 million Americans had fallen victim to identity theft in 2002 at a collective cost of nearly $53 billion.

Visa USA Executive Vice President Doug Michelman said the company spends more than $100 million a year on anti-fraud efforts, with the anti-phishing campaign representing only a small fraction of that amount. He would not say how much the company had invested in the program.

Beales stressed that legitimate companies rarely if ever send e-mail asking customers for sensitive data. Customers who have any question about such a request should go directly to the company's Web site by typing the company's Internet address into a browser window, rather than by clicking on a link in a suspicious e-mail.

Earlier this week, a number of private-sector firms announced the formation of a new group -- the Trusted Electronic Communications Forum -- that will work to design technical solutions to the growing phishing problem.


TechNews.com Home

© 2004 Washingtonpost.Newsweek Interactive

Company Postings: Quick Quotes | Tech Almanac
About TechNews.com | Advertising | Contact TechNews.com | Privacy
My Profile | Rights & Permissions | Subscribe to print edition | Syndication