Assistant Secretary of the Treasury, Wayne A. Abernathy, announced this week the release of a new report on the rapidly growing cyber-crime known as “phishing”.
“When President Bush signed legislation giving consumers and law enforcement important new tools to fight the spread of identity theft, he sent a message to identity thieves that their schemes would not be tolerated. The report being issued today by the FBIIC and FSSCC gives consumers even more information on how to detect, prevent, and mitigate the effects of the identity theft scheme known as phishing, a crime that costs American consumers and businesses billions of dollars every year,” said Assistant Secretary Abernathy.
The Finance and Banking Information Infrastructure Committee (FBIIC) and the Financial Services Sector Coordinating Council (FSSCC) jointly prepared the report, “Lessons Learned by Consumers, Financial Sector Firms, and Government Agencies during the Recent Rise of Phishing Attacks.”
The FBIIC, an organization comprised of representatives from federal and state financial regulators, coordinates and communicates among financial regulators to enhance the resiliency of the financial system. The FSSCC, an organization comprised of representatives from financial services organizations and trade associations, fosters and coordinates sector-wide voluntary activities and initiatives designed to improve critical financial infrastructure and homeland security. The FBIIC and the FSSCC work closely with the U.S. Department of Treasury to combat financial crime, to strengthen the critical financial infrastructure of the U.S., and to mitigate the effect of manmade and natural disruptions on the financial system.
In “phishing” schemes, an email is sent to a consumer, directing him or her to a fraudulent website. In many cases, the crook has designed the fraudulent website to closely resemble that of a legitimate organization – one that may have wide name recognition or that typically inspires trust among consumers. The spoofed website typically asks consumers to update sensitive personal and financial information that is then used by identity thieves to commit fraud. Recent phishing emails have purportedly come from government agencies, legitimate financial sector firms, Internet auction sites, and electronic payment services.
A recent private sector report found that 1,125 instances of “phishing” were reported in April 2004, alone – an increase of 180% from March 2004 to April 2004. The report finds that financial services industry websites are the most commonly spoofed.
The FBIIC/FSSCC report was released as part of a forum on identity theft entitled “Fighting Identity Theft: Outsmarting the Crooks” held at Penn Valley Community College in Kansas City, Missouri. The U.S. Department of the Treasury and BITS, a financial services industry consortium that addresses electronic banking problems, co-hosted the forum. The forum featured risk management experts from the financial services industry, law enforcement officials operating at the federal, state, and local levels, and representatives from technology companies developing new ways to stop identity thieves. During today’s program, the forum participants offered consumers helpful advice on how to outsmart the crooks.
In addition, through the leadership of the President in signing the FACT Act last year, consumers have been given greater power to fight identity theft and other financial frauds.”
In addition to Assistant Secretary Abernathy, other participants included Ms. Catherine A. Allen, CEO, BITS and Mr. Camden Fine, President and CEO, Independent Community Bankers of America.
Ten million Americans a year fall victim to Identity Theft, the fastest growing white collar crime in the country. Operating across state and national borders, identity thieves cost U.S. business and finance at least $50 billion a year in fraudulent transactions.
Visit www.treas.gov to view the FBIIC/FSSCC report or you may access Lessons Learned by Consumers, Financial Sector Firms, and Government Agencies during the Recent Rise of Phishing Attacks directly.