Supplementary Authentication Tools

Phishing and the Road to Recovery
By Veronica Mun

The history of phishing has proven to be long and successful one. Phishers took advantage of internet users during a time when the notion of email and the internet was still new and exciting, while the notion of security was nonexistent. As naïve users opened up emails from banks asking them to verify, validate, or confirm account information, never did they stop to think that the emails were fraudulent. Now, recent phishing attempts have shifted to calling customers by phone with an automated message directing the customer to provide their account information. This concept is known as "vishing".

Many of these incidents have undoubtedly occurred due to customer ignorance. However, that explanation can only go so far. Security Focus reports that the Anti-Phishing Working Group found that "23,670 total phishing websites [were] used to commit identity theft, fraud and other malicious activity in July 2006" alone! When are businesses going to start taking some responsibility for this large number and realize that they, too, play a part in the big picture on how to protect consumers from phishing fraud?

As an internet user, all I hear constantly is to be weary of fraudulent emails. "Your bank will never ask you for your account information over email." Sound familiar? All we can do is protect ourselves by not giving away our information. But in this day and age, where everything has gone digital, it is extremely inconvenient and difficult to not partake in the new technologies that are meant to make our lives easier. It seems impractical to setup a feature like online banking, and then have customers not use it because it’s unprotected.