eBilling News: I’ve been Phished, Again!

Wednesday, January 20, 2010

I’ve been Phished, Again!

With half of the Internet users in the UK now banking online it’s hardly surprising that phishing is on the rise. As new customers migrate to more convenient banking processes the number of potential targets for phishers grows each week.

I’m a victim of phishing attacks each week, but as part of an antiphishing working group, I know better than to click on the links offered in my “Account Suspended” notice or “Security Upgrade” message.

The scary fact is that not everyone can detect the difference between a real email from their bank and a fraudulent one.

One reason for this problem is that banks have been systematically terrible at educating their clients (especially new and young ones) about how to recognise authentic banking emails and how to identify phishing attempts.

For years many banks stopped sending emails to their clients, only to have the phishers increase their activity to fill the gap. Without valid, authentic emails to compare to, increasing numbers of customers were being tricked into clicking on links in an email and providing their login and password details to fraudsters.

The key is not to STOP sending emails but to send MORE email. More regular, authenticated, validated email that educates users on what to expect in emails sent to them by their bank and allowing them to spot the phishing emails a mile away.

If I understand what to look for in a real Rolex watch, I won’t be duped into buying a fake one. The same principle applies to emails – banks need to educate their clients in what to expect when receiving an email from the bank. These features will be predominately visual as that is how people work, but should include partial customer data that the phishers can never amass for any size database. Alternative authentication including technical methods such as SPF and DKIM as well as digital signatures can be combined to make email the trusted communication tool it needs to be.

Phishing is a reality in today’s connected economy, but we can combine technology and education to make it less and less economically viable for the fraudsters to phish our banks.

Michael Wright
Global CEO
www.striata.com

No comments:

Post a Comment

About Striata

Striata’s Secure eDocument Delivery and Email Bill Presentment & Payment (EBPP) are solution sets that deliver a rapid reduction in operational costs, quicker payments and an enhanced customer experience.

Striata revolutionizes the way bills, statements, policies, collection notices, letters, paystubs and other high volume system-generated documents are delivered and paid. Registration requirements are eliminated by emailing feature rich, interactive, encrypted documents directly to the inbox and enabling innovative 1-click electronic payment from within the document itself.

Direct email delivery of bills and statements dramatically increases customer adoption of electronic documents, paper turn off and ePayments. This enables Striata’s clients to achieve rapid ROI; complement their existing self-service and e-communication strategies; significantly reduce paper output and to meet
their carbon footprint/environmental impact targets.

As a leading international provider of electronic messaging since 1999 with more than 200 blue chip customers, Striata has operations in New York, London, Sydney, Johannesburg, Hong Kong and partners in North, Central & South America, Europe and Asia Pacific.