April 12, 2007, 12:00 AM

Perimeter eSecurity says new service tosses a net over phishing attacks

Perimeter eSecurity is targeting online retailers with a service that it says can quickly shut down phishing attacks in which hackers send fraudulent e-mails to consumers in an effort to collect personal data and payment card details.

Perimeter eSecurity is targeting online retailers with a service that it says can quickly shut down phishing attacks in which hackers send fraudulent e-mails to consumers in an effort to collect personal data and payment card details.

The CounterPhishing Assurance service monitors web traffic continuously to identify bogus e-mails that purport to come from a legitimate retailer, and the company claims it can take down a phishing web site in an average of three hours, much faster than the industry average, which Perimeter says is six days. The monitoring service costs between $75 and $350 per month, depending on the size of the retailer and the services selected, says Clark Easterling, vice president of marketing. Taking down a phishing web site costs extra, generally less than $2,000, the company says.

Perimeter, which has been in business since 1999, originally focused on community banks and credit unions, which make up half the company’s 4,000 clients, Easterling says. But as financial institutions increasingly protect themselves against attacks like phishing, he says the criminals will move on to other online targets. “The logical next one to go to would be Internet retailing,” he says.

Perimeter says it has personnel that speak 17 languages so that it can communicate with companies around the world that may be unknowingly hosting a phishing site. Those language skills are crucial for quickly thwarting phishing attacks, says David Jevans, chairman of the Anti-Phishing Working Group, an industry consortium that tracks phishing and other forms of online hacking.

Jevans says more than half of the world’s phishing sites are now located outside of the United States, with China and Russia ranking second and third after the U.S. Phishing rings set up their data-collection sites by hacking into servers at Internet service providers, small businesses or individuals. Shutting those sites down means communicating with whoever controls the infected computer, and that means speaking their language, Jevans says.

“With less than half the phishing sites hosted in the U.S., multilingual support is something you have to have to be in this game,” he says.

The Anti-Phishing Working Group says 29,930 phishing attacks were reported in January, the last month for which data is available, which is a record. Only 2.2% of those attacks were directed at retailers, but Jevans says those percentages are skewed because 80% of phishing attacks are focused on fewer than 20 companies, mainly online auction sites and major financial institutions. “If you take the top people out,” he says, “the numbers would be quite a bit higher for retail.”

comments powered by Disqus

Advertisement

Advertisement

Advertisement

From IR Blogs

FPO

Gregory Ng / Mobile Commerce

Four shopping behaviors to test this holiday season

With more than 50% of traffic coming from mobile devices, retailers must test and optimize ...

FPO

Chad White / E-Commerce

The e-mail marketer’s holiday planning checklist: fall edition

It’s October, and time to make sure your e-mail marketing program is ready for the ...

Advertisement