To print: Click here or Select File and then Print from your browser's menu

This story was printed from silicon.com, located at http://www.silicon.com/

Story URL: http://software.silicon.com/malware/0,3800003100,39152030,00.htm

Leader: Filter out the fraud
ISPs must take responsibility for the sites they host

By silicon.com

Published: Wednesday 07 September 2005

With the growing number of email scams out there, you would assume a company as widely used as Yahoo! would regularly scan its networks for any fraudulent-looking domains it may be hosting.

Apparently not. According to Spamhaus, there are thousands of dodgy sites connected with phishing scams hosted on Yahoo!.

Since phishing scams began, banks, eBay, PayPal, ISPs and vendors have banged on about user education as the best defence against these attacks.

But how effective can teaching users about the dangers of the web be if supposedly respectable organisations allow these sites to be published?

ISPs and website hosts have repeatedly managed to avoid taking responsibility for any content that passes through their hands, so fraudulent and malware-ridden emails are still reaching the end user.

This has fuelled a healthy market of security products for these users, as many have been duped into believing that technology above all will save the day.

But these fixes only do so much. Education is needed - but it's a tough task, and made tougher by the fact most firms and governments have failed to wholeheartedly embrace security education and now by ISPs avoiding responsibility.

Any company hosting websites should know what's on its servers - and remove content that's clearly fraudulent.

If Yahoo! or any ISP or website host wants credibility and people's trust, they should lead by example.