Phishing: Bank of America Joining in Phishing Prevention Group
- Bank of America has joined a new anti-phishing coalition to carry on working on mobile and online fraud prevention.
- Bank of America has the largest number of online and mobile users in the US: as such, it represents a prime choice target for fraudsters.
- The new group, named Domain-based Message Authentication, Reporting and Conformance (DMARC) also includes Google, Yahoo! and Microsoft. It intends to push “a standard mechanism for verifying that an email has been sent from the entity it purports to be from”. Three to five years should however be required to allow for large-scale adoption of this standard.
- The Gartner Institute acknowledges Bank of America’s efforts to prevent fraud: over the years, several secutity options have in fact been proposed by this player. Some even show long term commitment to improve the situation: use of images for verifications in e-banking contexts, SiteKey (2005); anti-phishing add-on to secure customers’ browsing (2006); patented devices to enhance customer awareness of security issues (2009) and promotion of this training tool to the other financial institutions with the help of the Anti-Phishing Working Group, etc..
- Phishing figures are especially worrying on the US and this kind of fraud stands right behind identity usurpation cases in the top 12 most serious threats (“Dirty Dozen”) of the Internal Revenue Service (IRS). This agency also reminds that it never contacts payers through digital means (e-mail, social networks, SMSs, etc.) to enquire personal or banking information.