Print

Phishing has become a huge growth industry for identity-theft scammers. In a recent report, the Anti-Phishing Working Group estimated that more than 2,600 active "phishing" sites exist on the Internet - all aimed at conning people into divulging sensitive financial information. That number, frighteningly, is growing rapidly.

Report Phishing Federal Trade Commission FTC Anti-Phishing Working Group APWG

What is phishing, and why should banks worry about it?

Phishers send thousands of counterfeit e-mail messages designed to look like they are from a reputable business, frequently a bank. Recent victims include some of the biggest and best-known banks in the country. The e-mails typically warn recipients about a possible security breach and ask them to "confirm" account data. Unsuspecting people who respond are directed to one of the aforementioned phishing sites, where their financial information is collected -- and then used to loot their accounts. More >>>

As part of its continuing commitment to educate the marketplace, ABA is providing you with internal and external resources that will help you spot and report suspected phishing activity.

ABA's technology newsletter, eAlert, has been highlighting the phishing threat for several months in many of its issues. Below you will find links to it and other anti-phishing sites. Protect yourself from getting fried by phishers!

The ABA will continue to follow this issue closely.

Regulatory Guidance | Publications | ABA Resources
ABA-Endorsed Solutions | Other Resources

REGULATORY GUIDANCE

• FAQ on FFIEC Guidance on Authentication
• The FFIEC Guidance on Authentication
• FDIC Issues Guidance on Spyware 
• OCC Internet Banking Opinion Letters and Guidance
• FDIC Consumer Alerts- Phishing Scam
• OTS: Memorandum for CEO's "Phishing and E-Mail Scams" 
• Federal Trade Commission Issues Identity Theft Definition Rule
• OCC Guidance on ID Theft and Pretext Calling
• FDIC - Identity Theft Symposium: Fighting Back against Phishing and Account Hijacking
• FDIC Comment Letter: Putting and End to Account Highjacking Indentity Theft
• OCC Final Rule: Conducting business using electronic technologies
• ABA Comment letter regarding the online delivery of financial services
• OCC Internet Banking Guidance
• FDIC Examinations: Information Systems & E-banking Page
• FFIEC Information Systems Examination Handbook:
  • Volume 1
  • Volume 2

PUBLICATIONS

• Identity Theft Study Supplement on "Account-Hijacking" Identity Theft 
• Identity Theft Communications Kit 
• Safeguarding Customer Information Toolbox
• ABA Brochures on Identity Theft, Account Fraud and Phishing
• FFIEC Customer Brochure: Protecting Customers' Personal Financial Information
• VeriSign's Internet Security Intelligence Briefings
• Interagency Anti-Phishing Brochure
• Phishing: The Legal Challenges for Business 
• Putting an End to Account-Hijacking Identity Theft
• Look Before You Click Trojan Horses and Other Attempts to Compromise Networks
  US Department of Homeland Security and US Department of State
• Weblinking: Identifying Risks and Risk Management Techniques 
• Is Internet Banking Profitable?
• Internet Banking Developments and Prospects 
• Who Offers Internet Banking?
• Before you connect a new computer to the Internet
• Home computer security
• FTC's "Phishy" Videos

ABA RESOURCES

• Identity Theft: A Risk to be Managed
• Don't Get Lured Into a Phishing Scam: Tips to Protect Yourself 
• Creating the Cross Channel Experience
• Internet Banking: Is It Offense or Defense? 
• Internet Banking Profitability: Promise or Pipedream? 
• ABA Webcast Presentation: Best Online Banking Practices:
  January 2002
  • Forrester Research: Next Generation Financial Sites
  • Gomez, Inc: Paradoxes and Progress
  • MicroBanker, Inc: Online Partnerships, How to Give Customers What They Want
    

ABA-ENDORSED SOLUTIONS

• Information Security
• Internet Banking and eFinance Solutions
• Internet Banking Liability Insurance

Back to

• Technology & Payments Menu

Questions? Please contact Doug Johnson for more information.