More than a dozen corporate giants in the retail, telecommunications, financial services, banking and technology industries are joining forces to combat phishing, spoofing and other methods of online identify fraud.
The companies — among them AT&T Wireless Services Inc., IBM Corp., Best Buy Co. Inc., and Fidelity Investments Inc. — Wednesday announced the formation of the Trusted Electronic Communications Forum (TECF), a group that will focus on eliminating phishing’s threat to e-mail and e-commerce. Details about the group first emerged Tuesday.
“TECF was built around the concept that the only way we were going to combat the problem of phishing and spoofing was to create a consortium, a forum, that was cross-industry and global that focused specifically on phishing and spoofing,” said TECF chairman Shawn Eldridge. The TECF, he said, plans to work “toward the standards with technology, techniques, best practices to combat phishing as well as working with government agencies to help for reporting of phishing attacks, as well as the prosecution of phishers.”
According to Eldridge, the organization now has four working groups: technical standards, best practices, government affairs and social engineering. Its short-term goals are to quickly find mechanisms, technologies and other ways to combat phishing today.
“Longer-term goals include working with the U.S. government and other governments in Europe on the prosecution side, as well as the finalization of standards that actually prevent and stop phishing scams from occurring,” Eldridge said.
The group will meet formally for the first time in a couple of weeks, he said.
Phishing attacks by hackers, in which fake Web sites and messages are used to steal financial information from online consumers, are so widespread that an estimated 57 million Americans have likely received fraudulent e-mails, according to a study released last month by Gartner Inc.
Direct losses from identity theft against phishing victims cost U.S. banks and credit card issuers about US$1.2 billion last year, according to the study.
A statement on the TECF’s Web site, www.tecf.org, said the companies are concerned about virtual threats that “have impeded the progress of Internet communications and have damaged the trust between enterprises and its customers.
“Financial institutions, Internet service providers and other service providers must take phishing seriously,” said Gartner analyst Avivah Litan in the statement. “These service providers should take action to apply solutions that dramatically minimize, if not eradicate, the threat, even if the service providers themselves are not direct targets.”