Can Teamwork Stop Phishing?

from the wishful-thinking... dept

While eBay seems to be moving away from email as a method to stop phishing scams, a number of common phishing targets have all teamed up to “share” info on phishing scams. I’m sure the phishing site operators are really, really afraid now. While, it obviously can’t hurt for these companies to share info, that’s hardly a major initiative to stop phishing from happening. These companies should have realized a long time ago the importance of sharing information — and, if anything, it’s a bit scary that they’ve only decided to do so at this point. As we’ve pointed out before, phishing is at its core a bit of social engineering designed to trick people into believing something. It’s not so much a technical trick (though, technical tricks are being used to help move along the charade), and attempts by tech companies to take a tech approach to solving the issue may find it much more difficult than they imagined.

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Can Teamwork Stop Phishing?”

Subscribe: RSS Leave a comment
Ina Steiner (user link) says:

No Subject Given

Too true. I’ve been writing about PayPal phishing since June 2002. The only way to avoid phishing scams is to never click on a link to a log-in page, yet I continue to get emails from financial insitutions with such links. All companies need to emphasize that users should log-in to their accounts through their browswers. There is no technology fix for scams involving social engineering. It’s appalling the lack of industry cooperation with regard to fraud, this will hurt ecommerce.

Anonymous Coward says:

No Subject Given

Just a curiousity thing that I’ve always wondered about Phishing scams: The good looking, but bogus, link points somewhere… How come the bogus server is on the air 10 minutes after the legitimate institution gets a copy of the phish? I.E. Why doesn’t Citibank, Paypal, whomever go after the server with all guns blazing? These things are clear fraud, they should be able to get law enforcment engaged very quickly and raid the site?

Phish Phinder says:

Citizens stop phishing on their own?

Maybe someone’s already doing this, maybe it’s time someone did. Why doesn’t someone develop a “shared bandwidth” 1-time DoS hub and allow volunteers to first verify a phishing site (multiple people for authenticity) and allow ‘members’ of the site to donate a very small part of their bandwidth each to hammer on the phishing site(s)? I believe it could be legal if the volunteers who were *cough* “looking at the phishing site to see if it were still online” just had a browser on refresh… for most of these phishing sites.. they are going to choke/be rendered useless, or have the plug pulled for exceeding allowed bandwidth very quickly. Safeguards and checks would have to be put in place.. obviously… but the sequence would go something like:
1. Phishing Site Reported
2. Notice sent to ‘verification team’ a team of verified volunteers who would each login to a hub/secure server to approve/disapprove the ‘listing’ of the reported site.
3. When x-number of ‘verifications’ happen.. the site is listed online or sent via dispatch to the “browsing volunteers”.
4. They ‘browse the site’ until they receive notice it’s down. Once notice is received… they give the ISP back his bandwidth.
Is it vigilantism or is it civil justice? We built the Internet, we the global users also must protect it. IF I see enough positive responses to the idea, I will donate or assist with building a hub for the purpose.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...