Aunty has a firm belief that anybody who has a vested interest in charging money for keeping you safe from harm is likely to have a vested interest in perpetuating the threat of that harm – otherwise they run the risk of becoming obsolete when that harm is no longer.
In Aunty’s old stomping grounds this was called a “protection racket”.
In WholeSecurity’s stomping grounds this is, apparently, called a “business model”.
Here’s how it works:
Major companies who are frequently phished, including, it has been announced, Microsoft, eBay, PayPal, and Visa USA, provide information and data to WholeSecurity related current phishing activities.
The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.
CashApp us
Venmo us
Paypal us
WholeSecurity is going to then sell a phishing alert service back to the ISPs and other interested sites. Along with blocklists created from the data.
Said a Washington Post story about the scheme, “Any organization currently targeted by phishing schemes can register to feed fraud data into the system, but only paying customers will be allowed to draw alerts from it.”
Any organization can feed fraud data to the system. Bloody generous of them, considering that they are going to use that free, volunteered data to create the alerts and blocklists for which they are going to charge people. And not much motivation there to actually develop systems which are phishproof – odd for a company which calls itself the “leading provider of behavioral endpoint security solutions” (Two Aunty points to the first person who can translate that to plain English!)
Nice…what’s that word again?..oh yes… “racket”.
The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.
CashApp us
Venmo us
Paypal us
Yeah, the big problem is that their solution is far from 100% detection rate they claim. I used their solution from the ebay toolbar – it detected only 1 out of 10 spoof sites!!! If ebay is paying wholesecurity for their tool, then it is a case of phishing money from ebay by using phishing threats :-)
I use EBay&Paypal…and EBay’s AccountGuard Toolbar(WholeSecurity behavioral detection) has on two occasions alerted me that I was being scammed, and it did so without blocklists in realtime when I went to the spoofed site.
I believe the purpose of charging for the list is a limited attempt at vetting the recipients of said list. If spammers or phishers were to be able to access the list for free, they would be able to circumvent the very purpose of the list.
Just my $0.02
“leading provider of behavioral endpoint security solutions”
Let’s see:
“Leading provider” – Management here at WholeSecurity all agree we are the best.
“behavioral endpoint” – Your system (endpoint) will block what WE tell it to, and YOU will NOT complain when we irretrievably block genuine email (behavioral).
“security solutions” – What you REALLY need, and what we want you to THINK you’re getting.