Anti-Phishing Initiative Gives ISPs a Role in Fighting Crime

As phishing attacks become more common, a new initiative brings together the targeted institutions, the ISPs, and law enforcement to create a rapid response team to fight crime.

by Alex Goldman ISP-Planet Managing Editor [December 9, 2004]

The Digital PhishNet initiative, announced yesterday, brings together the institutions targeted by phishing, such as banks, along with those whose assets are exploited during the crime, such as ISPs, and those tasked with solving the problem, such as the Federal Trade Commission.

We spoke with a Digital PhishNet co-founder, EarthLink. Les Seagraves, chief privacy officer and assistant general counsel for EarthLink, says that the phishing problem in particular demands a rapid response from ISPs and law enforcement.

"Phishing only 'works' (if that's the appropriate term) if you can broadcast a huge amount of messages very quickly (you run into anti-spam blocking issues) and have (typically) a website that's up for at least a short time. The criminals know that ultimately the e-mail is blocked and the website is shut down. Then they set up somewhere else. These criminals are looking for a quick success. They understand that it will be shut down and people will find out about it. The key is shutting it down while it's still active."

The necessity of speed makes fighting phishing very different from fighting spam. "With most spam, there's an actual website or product, and those websites will stay up because the selling is not illegal even though the spam is. Acting quickly is not as important, and they'll even send you a product."

Statistics from a study by an older association, the Anti-Phishing Working Group, show the problem is growing. The Phishing Activity Trends Report [.pdf] for October, the most recent available month, say that phishing was up 25 percent from July to October alone. The same report notes that phishing sites were up for an average of 6.4 days during that period.

The Digital PhishNet initiative is in its infancy, but the goals are clear. "The goal is that when you get an attack, you report it, analyze it, and pass it along immediately to law enforcement to act on it," says Seagraves. "In the past, some of us would go to law enforcement, but now that we have a pipeline, it will be much easier."

Membership is free, and members can apply to join by filling out an online form. The form says that members are expected to report phishing attacks and assist law enforcement with investigations.

ISP-Planet recommends that every ISP have, in its ToS, a note that no customer is allowed to use the Internet to commit a crime, and a warning that all crimes will be investigated. ISPs considering writing a more detailed ToS should look around the industry, especially at industry veterans like Telerama whose ToS is worth reading.

— End