Getting a new hook on the phishers

As e-mail phishing attacks continue their attempts to steal consumer identities and account information to support fraudulent online transactions, online security groups expect to release a new web-based network map next week that will identify the sources of phishing, says David Jevans, executive director of the Anti-Phishing Working Group, one of the organizations behind the map.

Guide to Retail Web Site Design & Usability

The map, which will be offered as a free service to retailers and others concerned with phishing attacks, will provide online access to a view of where network servers that drive phishing attacks are located. “Researchers have been building out network maps to see where the bad guys are,” Jevans says.

The network map has been been under development for months by companies including InternetPerils Inc., a provider of web-based risk management technology; Corillian Corp., a provider of anti-fraud financial systems; Websense Inc., a provider of web-based employee management systems; and the APWG.

The ability of retailers and legal authorities to track and find the servers or physical locations used by phishers will depend on a number of things, Jevans says, adding that it could still be difficult to track phishers who quickly change their servers. But in cases where the map can identify the ISP used by a phisher, it could be possible to find its server as well as its physical location in time to enforce anti-spam laws, he adds.