PayPal steps up fight against phishing
Published: 14 Apr 2008 09:58 BST
PayPal is stepping up its battle against phishing with new technology and by collaborating with others in the industry.
Speaking at the RSA security conference in San Francisco last week, Michael Barrett, PayPal's chief information security officer, outlined the company's strategy for dealing with the phishing problem.
As one of largest secure online payment providers, Barrett said PayPal needs to step up efforts to stamp out the phishing problem — not just to protect customers but also the internet as a whole.
He said: "We know we're always going to be an attractive target for criminals. But what I don't want is PayPal to be protected and the rest of the industry not. Phishing could be solved, there's no need for it to happen."
According to Gartner, 3.3 percent of the 124 million people who received phishing emails in 2007 were duped and lost money.
PayPal is taking a three-pronged approach to tackling phishing using education, technology and partnerships.
Barrett equated the current situation in educating consumers to the early years of the car industry when the benefits of rules of the road and safety had not been fully realised.
Read this
Corporate espionage: Not if, but when
When it comes to business-to-business theft of information, experts agree — it's best to assume it will happen to your company
He said: "I would say we're at the same stage on the internet. I think we probably have another decade of consumer education ahead of us."
PayPal has brought in a number of tech solutions including digital email signatures — something that the company now does with 100 per cent of its outbound emails.
Currently PayPal is also focusing on an approach where ISPs block emails seemingly sent from PayPal that don't have the correct digital signature.
The company is doing this with Yahoo! since autumn last year and so far it has blocked 50 million phishing emails from reaching customer inboxes.
But Barrett said other measures are needed such as email certification.
The warning systems on browsers such as Microsoft's Internet Explorer 7 — which indicates whether sites are trustworthy — are also helping to stop people clicking through to phishing sites, Barrett added.
But he stressed that partnerships are also key in the fight against phishing. "The saying 'united we stand, divided we fall' couldn't be clearer in this area," he said.
PayPal works with owner eBay along with AOL, Google, Verisign, Yahoo! and various government bodies.
Barrett said: "The internet is a global medium and we need to be running it in a much more unified way."
Credit: PayPal wages war on phishing from silicon.com
Did you find this article useful?
5 out of 5 people found this useful
Digg
Slashdot
Del.ici.ous
Stumble
Reddit
