Phishmongers: WholeSecurity to Sell Phishing Alerts - 1,519 Views, 4 Comments

Summary: Aunty has a firm belief that anybody who has a vested interest in charging money for keeping you safe from harm is likely to have a vested interest in perpetuating the threat of that harm - otherwise they run the risk of ...

Previous Article « Verizon and MCI: Email Refuser to Acquire Email Abuser
Read Next Article » Click Fraud: It’s Not Nice to Fool Mother Google

Follow Anne on Twitter Friend Anne on Facebook

Aunty has a firm belief that anybody who has a vested interest in charging money for keeping you safe from harm is likely to have a vested interest in perpetuating the threat of that harm - otherwise they run the risk of becoming obsolete when that harm is no longer.

In Aunty’s old stomping grounds this was called a “protection racket”.

In WholeSecurity’s stomping grounds this is, apparently, called a “business model”.

Here’s how it works:

Major companies who are frequently phished, including, it has been announced, Microsoft, eBay, PayPal, and Visa USA, provide information and data to WholeSecurity related current phishing activities.

WholeSecurity is going to then sell a phishing alert service back to the ISPs and other interested sites. Along with blocklists created from the data.

Said a Washington Post story about the scheme, “Any organization currently targeted by phishing schemes can register to feed fraud data into the system, but only paying customers will be allowed to draw alerts from it.”

Any organization can feed fraud data to the system. Bloody generous of them, considering that they are going to use that free, volunteered data to create the alerts and blocklists for which they are going to charge people. And not much motivation there to actually develop systems which are phishproof - odd for a company which calls itself the “leading provider of behavioral endpoint security solutions” (Two Aunty points to the first person who can translate that to plain English!)

Nice…what’s that word again?..oh yes… “racket”.

Phishmongers: WholeSecurity to Sell Phishing Alerts

Follow Anne on Twitter

Twitter Explained in Plain English

Friend Anne on Facebook

Previous Article « Verizon and MCI: Email Refuser to Acquire Email Abuser
Read Next Article » Click Fraud: It’s Not Nice to Fool Mother Google

» Cingular Wireless Customers Can Receive AMBER Alerts by Phone (News Release)

» MySpace to Post Operation Amber Alerts

» Phishing at Blackpool: Man Arrested

For additional similar stories check out our archives on Phishing

NOTE: We never, ever, ever will recommend any product or service on this site that we have not regularly used ourselves and do not wholeheartedly believe in. That said, in some cases after being very pleased with a product or service, we may enter into a relationship with the provider of that product or service such that if someone purchases that product or service based on our recommendation, we may get a small payment. Such payments go towards the upkeep of the Internet Patrol.

4 Comments »

“leading provider of behavioral endpoint security solutions”
Let’s see:
“Leading provider” - Management here at WholeSecurity all agree we are the best.
“behavioral endpoint” - Your system (endpoint) will block what WE tell it to, and YOU will NOT complain when we irretrievably block genuine email (behavioral).
“security solutions” - What you REALLY need, and what we want you to THINK you’re getting.

Comment by ZacOz — 2/16/2005 @ 2:10 am
I believe the purpose of charging for the list is a limited attempt at vetting the recipients of said list. If spammers or phishers were to be able to access the list for free, they would be able to circumvent the very purpose of the list.

Just my $0.02

Comment by Aikisensei — 2/16/2005 @ 6:08 am
I use EBay&Paypal…and EBay’s AccountGuard Toolbar(WholeSecurity behavioral detection) has on two occasions alerted me that I was being scammed, and it did so without blocklists in realtime when I went to the spoofed site.

Comment by Peter Vogt — 2/16/2005 @ 6:18 am
Yeah, the big problem is that their solution is far from 100% detection rate they claim. I used their solution from the ebay toolbar - it detected only 1 out of 10 spoof sites!!! If ebay is paying wholesecurity for their tool, then it is a case of phishing money from ebay by using phishing threats :-)

Comment by Murky Shadow — 2/27/2005 @ 4:27 pm

RSS feed for comments on this post.

Warning! All comments which contain URLs and are clearly just spam to generate a link back to the URL will be deleted on sight. Don't bother wasting your time!
If you are going to include a URL in your comment,
please keep it under 25 characters in length,
or use TinyURL to shorten it before including it in your comment.
Line and paragraph breaks are automatic, your email address is never displayed.
HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

This article first appeared on 2/14/2005

About

About TIP

About Anne

Follow Anne On:

Twitter
Linked In
Facebook

*Twitter Explained in Plain English

Search
Categories

Recent Comments to Our Articles

Dozer: I read where the Flexispy works for "smart phones" I have a Razr and the target phone is also a Razr. Would this software work read

"gunner": to: Chatoorgoon Jagdeo, congratulations, you have saved yourself time and money, and avoided seeing your hard earned money going into the pockets of thieves. well done read

"gunner": how many times do you have to be told, "the cake is a lie, there is no spoon" and the lottery is a scam read

"gunner": good reasons why i've avoided both "facebook" and "twitter" and will continue to do so read

Del Irwin: The service was ok for 5 years, though with hidden charges and lots of calls to get them removed. Very slimey company.. when I went read

william: my home boys comment isnt on here wtf read

william: I don't think his is a real becuse if it was why could they not just give them the rice?i thing that tis is just read

Harishchandra Salvi: Please help me to get my mobile Nokia 1209 Silver Grey IMEI: 356072033323873 i love my mobile very much and request you to help me pls. read

Pierre: Sad, sad, sad. You'd think that the designers of the Kindle would have known something about the real world, and that the product would read

Allen MacCannell: Hi Anne, Twitter is, sadly, not adding anything close to what Tweetdeck and Twhirl offer. Those two apps (+ the fantastic PowerTwitter Firefox plugin) setup a read

Todd: The link doesn't go to a form anywhere, and I can't find the form. Perhaps they don't allow this for anyone anymore. read

Jon: There are a couple of organisations clammering to purchase shares in City Networks Inc. One of them being "Penn Capital Management Ltd" in Osaka, Japan read

Fjord Prefect: The reason why Google is upset is this: Microsoft already owns 80% of the desktops in the world, they also provide IE which comes with read

Michael Anderson: The lawyer's comment is idiotic. A customer who has received poor service outside of the bounds of the terms of his agreement with the carrier read

Michael Anderson: This is not exactly correct. In most states, minors are able to form "voidable" contracts--that is, the minor can bind the competent party, but the read

Get a FREE summary of the week's articles by email every Friday!
We NEVER share your email address, and you can stop them any time!

Be sure to watch for the confirmation email!

Search

Get a FREE summary of the week's articles by email every Friday!
We NEVER share your email address, and you can stop them any time!

Be sure to watch for the confirmation email!