Home: Identity Theft Prevention : Phishing Lessons: A Program that Teaches Consumers Not to Get Sunk

Phishing Lessons: A Program that Teaches Consumers Not to Get Sunk

Posted by Melanie Henson on Monday, October 27th, 2008

You’ve heard this phish story before: a friend or associate received an e-mail from a reputable bank or credit card company. Warned that her credit status was in danger, she was directed to a link where she was able to supply her information in order to “verify” her credit status. Two weeks later, her bank account was empty and her credit score had plummeted.

It had all seemed so legitimate, right down to the design of the web page and logo of the faux “company”. And your friend is only one of millions who get taken in by phishing each year.

Now one anti-fraud organization–the Anti-Phishing Working Group (APWG)–aims to teach people where they’ve gone wrong in getting scammed via email…and how to avoid it next time.

The Devil You Don’t Know

Make no mistake: phishers are creative. As much as you may be convinced that you could never be fooled by a phishing scam, “professional” online criminals continuously come up with new ways to leach information from you…and these ways get more subtle and convincing each time.

“We know from experience that an educated consumer is the best defense against fraud,” commented David Shroyer, senior vice president, eCommerce Online Security, Bank of America, in an interview for Georgiafrontpage.com.

Fool Me Once

Working to combat a problem that’s become a billion-dollar industry, AWPG, in conjunction with Carnegie Mellon University, is instituting a program that will redirect potential victims to a page that gives information on phishing. Called the AWPG/Carnegie Mellon Phishing Education Landing Page Program, the initiative addresses phishing fraud at the point the person would potentially become a victim.

How does it work? In the planned scenario, an individual unwittingly clicks on a link that was created in order to leak information from him and criminally access his bank account. As soon as he does, he’s redirected to an anti-phishing educational page. Not only is he given a heads-up that he could have been clicking on a fraudulent site, but he now has information in front of him on how to keep from making the same mistake in the future.

How it All Comes Together

The APWG/Carnegie Mellon’s program will identify sites that have been shut down by investigators for phishing fraud. Normally, an individual who clicked on these defunct links would receive an error or “page not found” message. Thinking it’s some kind of glitch, the potential victim would simply go on his way, forgetting the incident almost as soon as it was over.

Instead, this revolutionary program redirects consumers to an educational page that warns consumers of the dangers of phising and teaches them how not to innocently click on a potential danger the next time. By working at the exact point that the person is in the act of falling into a fraud trap, the information is read immediately. The program will work on both personal computers and laptops using different technologies, officials say.

AWPG is implementing additional ways to combat the problem as well, including a phishing fraud report page. Meanwhile, the organization will continue to further the project, including translations into other languages so that the information can be spread internationally.

Share this article: