But what about the organised-crime gangs behind the major attacks?
By Andy McCue
Published: 29 April 2004 15:25 GMT
The UK's cyberpoliceforce claims progress is being made in the ongoing investigation into organised criminal gangs running increasingly sophisticated phishing email scams that attempt to lure people into revealing their bank account details.
The claim follows the arrest by the National Hi-Tech Crime Unit (NHTCU) of a 21-year-old man from Lytham St Anne's in Lancashire suspected of targeting customers of the Co-operative Bank's online banking service Smile in a "copycat" phishing attack. The bank reported the attack to the NHTCU in March.
Despite the arrest, the man is not believed to be connected to the organised crime group behind the global wave of phishing scams targeting bank customers in the UK, US, Australia and New Zealand.
A spokeswoman for the NHTCU would not reveal details of the investigation but said it is "ongoing" and that "progress is being made". She said it has not stalled but details are not being released because they could jeopardise the case.
DCS Len Hynds, head of the NHTCU, said in a statement: "The message is clear. Do not try this at home, we will find you. Anybody who thinks that they can copy a scam and get away with it is sorely mistaken."
Conflicting reports emerged over whether any customer accounts were compromised. While Smile denied that any had been, the NHTCU said they believed that some were.
Phil Garlick, director of operations at Smile, said in a statement: "We regularly remind customers via secure messages and on our website not to respond to emails of this kind as we would never ask customers to send personal information about their Smile account to us in this way."
Security expert Chris McNab, technical director at Matta Consulting, said trying to catch the culprits at the source is like trying to find a needle in a haystack.
"It is practically impossible to fully stop this at the source and you'll still have naive users clicking on the links. These scammers at the end of the day could be anywhere," he said.
The best way of tackling phishing, he argued, is for the banks to act reactively. "The banks are taking this seriously and looking at putting in automated systems to keep track of domain registrations and associated websites, as well as email monitoring. Obviously they have then got to try and shut the sites down as quickly as possible."
ZDNet UK's Matt Loney contributed to this report
The Company My client is a leading online retailer based in the centre of Lancashire in the North West of England. Site Promotions Management of the ...
Ideally will have worked for a small to medium sized BPO organisation - Must have industry experience - 10 years + sales experience - Will look at a ...
You will also look to develop new business by targeting potential clients throughout the private and public sector. If you have the above experience ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Digg
Slashdot
Del.icio.us
Stumble
Reddit
RSS Feeds
Bob Tarzey Why you must rein in your power users When they do damage, it can be catastrophic to your business
Jon Collins Is losing a mobile device really such a big deal? How to minimise the damage to your business