Over in the phishing department, Simon pointed to a new payments blog that seems to cover phishing as well.
A company called Corillian has a 'rule base' system that analyses a company's data to see if they or their customers are getting phished (hmmm.... lost the link. They claim 90% success rate; for now, that is. Short terms solutions like these are probably necessary until the infrastructure is in place to deal with phishing where it most happens, but we shouldn't be fooling ourselves that these are any more than bandaids.
I briefly wandered by the Anti-phishing Working Group's site to see what's new in the war on phishing, and nothing much there. And, I mean nothing - there are lots of teasers, but no information. There are a lot of logos there, however, and this confirms my suspicion of the APWG as a sales forum. Their value-added is to collect all the vendors of phishing solutions for you in one place, and their value-added for vendors is to collect all customers together! My advice to any financial institution looking for help is to do your own research. You will have to anyway.
Addendum: See Phishing Club: An Addict/Enabler Nest?Posted by iang at February 24, 2005 11:18 AM | TrackBack