After suffering a year of badly eroded customer confidence caused by scam e-mails linked to ghosted bank Web sites, the financial industry has swallowed its pride and slipped into bed with police to fight online fraud.
Specialist security staff from the Commonwealth Bank Group, Westpac Banking Corp., National Australia Bank Ltd., ANZ Banking Group Ltd. and St George Bank Ltd. have been dispatched to the Australian High-Tech Crime Centre (AHTCC) in Canberra to work on a newly formed anti-phishing squad.
To be known as the Joint Banking and Finance Sector Investigation Team, the banks will second five full-time staff to the AHTCC. The staff will provide specialist advice and will effectively act as a liaison conduit between their own institutions and law enforcement authorities to gather intelligence, identify scams as they happen and shut them down.
The move effectively resolves a long standing impasse between law enforcement agencies and the banks over what access banks give police and other agencies to data on fraud within financial institutions in the course of their investigations.
The crime center has also managed a financial coup for law enforcement, with all the positions from the banks being funded out of a special finance industry kitty. The Australian Bankers Association, the Credit Union Services Corporation of Australia Ltd. (Cuscal), Mastercard and Visa have all stumped up cash for the new venture — but will not say how much.
American Express has also confirmed it will contribute expertise to the joint effort, but was similarly unable confirm whether it will be a paid-up contributor.
A spokesman for Justice Minister Chris Ellison described the formation of the anti-phishing squad as “a very positive development” that involved negotiations that went for “a number of months” between the justice minister, law enforcement agencies and banks.
However, the spokesman said he was as yet unable to put a dollar value on the contribution of the banks, saying only that it may “perhaps” come at a later date.
Another output of the public-private crackdown on cyber crooks will be the creation of a “National Response Plan” to enable financial institutions to report phishing outbreaks to AusCert for analysis and investigation.
The Department of Communications, Information Technology and the Arts (DCITA) has similarly chipped in with the Australian Communications Authority understood to be investigating ways to leverage a number of memoranda of understandings with other countries to prosecute spammers.
Manger for online policy at DCITA’s spam-busting Office of the Information Economy (OIE) Lindsay Barton said, “We are having ongoing detailed discussions with a number of jurisdictions about antispam policy (through the OIE) and enforcement activities (through the ACA)”.