Anti-phishing Software
webs...@gralicwrap.com
I am very excited today. As I write this first post, we have just
crossed our 1000th fraudulent phishing website activation at
Gralicwrap.com. And this has all happened within a short period of 30
days!
Can you imagine the extent of damage one thousand fraudulent URL's
can do? It could be in millions of dollars. Thousands of users of the
Gralicwrap anti-phishing software can sleep easy though as our software
continues to protect them.
For those who are new to this anti-phishing service, Gralicwrap 1.06
Beta is a Free Anti-phishing software which stops all fraudulent
phishing spoof websites by blocking access to them. We have a dynamic
fraud alert database updated 24/7 on an hourly basis.
It is high time that internet users unite to fight against internet
fraud and identity theft. At Gralicwrap.com, we enable and empower
individuals worldwide to play their part in this anti-phishing movement
by submitting all fraudulent emails to us, which we later add into our
database after verification. This in turn protects all users of our
software.
Just to give you an idea on the extent of identity theft fraud out
there, I am going to give you some hard numbers below.
Gralicwrap FraudAlert count as on 13th December 2005 for the last 30
days:
Name of Victim Company / Number of phishing websites in our database
Paypal - 325
Ebay - 176
Amazingly, Ebay and Paypal account for a whopping 50% of all scam
websites in our database.
By Alphabetical order:
Name of Victim Company / Number of phishing sites in our database
Amazon - 44
AF Bank - 2
AIB Bank - 1
AOL - 10
Bancorp South Bank - 1
Bank of America - 20
Bank of Oklahoma - 2
Barclays Bank - 54
Bank of the West - 1
Capital One Bank - 4
Chase Bank - 74
Citibank - 5
Colonial Bank - 4
Commercial Federal Bank - 14
Credit Union - 28
Deutsche Bank - 12
Ebay - 176
First Credit Union - 8
First Tennessee Bank - 9
Fulton Bank - 2
Halifax Bank - 11
HSBC Bank - 7
Johnson Bank - 1
Lloyds TSB Bank - 12
M & T Bank - 1
MasterCard - 1
National Credit Union Administration - 4
Natwest Bank 16
Paypal - 325
Postbank - 2
Royal Bank of Canada - 6
SouthTrust Bank - 5
Southwest Airlines Federal Credit Union - 1
Stormpay - 1
Teachers Federal Credit Union - 1
Tennessee Teachers Bank - 1
University of Colorado Federal Credit Union - 1
USAA - 3
Visa - 2
Volksbanken - 2
Wells Fargo Bank - 48
Western Union - 3
etc.
As most anti-phishing professionals (involved in fighting phishing on a
daily basis) would know, the phishers are getting ingenious day by day.
We have seen trojans, viruses, hidden address bars, mutilple url
forwarding, url cloaking, secure server (https) usage etc used by
phishers. Phishers are now after non-financial identity theft as well
as you can see from the Victim companies above. We have seen repeat
offenders among phishers. Probably phishing is not restricted to
individuals now and we have seen a trend of 'corporatisation' of
phishing. What this means is that earlier the phisher used to be a sole
individual, whereas now we see companies with several employees
involved in phishing as a business.
To combat such ingenuity we need to join hands and join forces to pool
all available resources for the anti-phishing movement. Corporations
need to wake up to the reality of phishing instead of being complacent
and thinking that the problem will go away on its own. This is akin to
the ostrich burying its head in the sand when it sees danger, thinking
that the predator cannot see it. Companies need to form dedicated
anti-phishing teams which can respond fast to phishing fraud alerts and
coordinate with hosting companies, domain registrars, anti-phishing
service providers and law authorities so that the extent of the damage
is minimized. Hosting providers and domain registrars need to be more
proactive and have an active abuse desk instead of just an abuse email
address. Law makers need to give teeth to the anti-phishing process and
put systems in place to make it mandatory for all hosting providers to
respond to phishing abuse within hours and also ensure that law
breakers are traced and brought to book and punished.
All this will happen no doubt....someday it will. Meanwhile, we at
Gralicwrap.com are trying our best to fight phishing with our free
antphishing software. If we have full co-operation from the victim
companies (who can co-ordinate with us on a daily basis) we can make
our database more accurate and our service more efficient. And last but
not the least, users like you can help us by continuing to contribute
to our database by forwarding all phishing mails to
webs...@gralicwrap.com.
Thank you,
Ameet Arurkar
Managing Director
Intelisys India Ltd
www.gralicwrap.com