Sophisticated 'phishing' frauds cracked by new MailScanner device

A new anti-spam device, which could put an end to email scam 'phishing' frauds, was launched on 1 November. The term 'phishing' describes the act of sending an email to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. This year, UK bank customers have been targeted by a new wave of 'phishing' frauds. The fraudsters send emails claiming to be from banks and credit card companies, which invite customers to access what appears to be a genuine and legitimate financial services home page and update their details. Customers are asked to log on by keying in their details, including access codes and passwords; in many cases this has led to their accounts being emptied. Now, to combat this fraud, Julian Field, from the School of Electronics and Computer Science (ECS) at the University of Southampton, has developed a new and effective device. Julian is lead developer of MailScanner, which is already the world's most widely used anti-spam computer security system. Julian's new device searches for web links in email messages and compares the address provided with the actual organisation's address. If the two do not match, MailScanner places a large red message in the email by the link, alerting users to the warning and flagging the real location of the website as well as the bogus version. Julian comments: 'These attacks are proving highly effective at stealing people's credit card numbers, PIN numbers and just about any other confidential personal information the thieves want. The copy of the bank's website is an extremely good imitation and quite good enough to fool 99.9 per cent of people into thinking that it is the real thing. Our device, the first of its kind, will alert people and hopefully stamp out this crime. It needs no frequent updates and will identify these attacks before they hit anyone's mailbox.'