ISPs and e-commerce sites could use more tools to combat
the rise of phishing, and produce ‘whitelists’ of legitimate
websites, according to a US report by the National Consumers
League.
The report, A Call for Action, was released by an amalgam of
consumer groups, technology suppliers, financial services
organisations and law enforcement agencies, and calls on internet
service companies to beef up consumer education.
One suggestion is for internet companies and law enforcement
agencies to enter false information, such as bogus credit card
numbers, into phishing websites, allowing police to find phishing
scammers by tracking the use of those false numbers.
The report also calls on technology companies to build
anti-phishing security into products, and for ISPs and domain name
registrars to explore using both whitelists and blacklists to
separate legitimate websites from phishing sites.
There is already concern among e-commerce companies that
internet users are becoming more wary of conducting business online
because of phishing scams and other cyber security problems.
The call for action is an appropriate one. There has to be more
innovative thinking from the security community to counter the
sophistication of phishers.