Washington Reporter
WASHINGTON - The House Financial Institutions and Consumer Credit Subcommittee held a hearing last week to look into an ICANN-Internet Corporation for Assigned Names and Numbers-proposal to limit public access to the domain name registrant contact information via the Whois database.
"Whois data is used by financial institutions to prevent identify theft and account fraud particularly related to phishing," Subcommittee Chairman Spencer Bachus (R-Ala.) stated. "I am concerned that the adoption of these proposals could compromise the ability of financial institutions to respond to identity theft and phishing attempts; therefore, I hope this hearing will prove successful in shedding light on this critical issue."
Phishing is when criminals send out a legitimate looking e-mail from a real company, typically financial services-related, in order to obtain personal financial information, an activity following an upward trend. In May 2006, the Anti-Phishing Working Group reported nearly 12,000 phishing sites that, on average, remained online for five days. Ninety-two percent of the phishing sites were on financial institutions.
NCUA, CUNA, NAFCU, and even Credit Union Times have recently been phished, as well as a number of credit unions.
Among those who testified was BITS/Financial Services Roundtable CEO Catherine Allen. BITS, of which CUNA is a member, is an organization that studies a variety of aspects of banking technology. She said in her written testimony that efforts to limit access to the WHOIS database "could adversely affect the financial services industry's efforts to respond to identity theft and phishing attempts. Timely response to phishing attacks and identity theft is critical to protect customers, financial institutions, and innocent consumers who may not be aware of their victimization. In many cases, the only tool financial institutions have for identifying registrants or purported registrants of domain names in a timely manner is via the WHOIS contact information."
CUNA Legislative Affairs Manager John Hildreth commented, "Credit union members are quickly becoming victims of some phishing e-mail." He explained that the fastest way to take action is for the financial institutions to track down the source of the fraudulent e-mail and Web site themselves then contact that source. "The most pressing issue is to protect credit union members," he said.
In a letter leading up to the hearing that was read into the record, NAFCU President and CEO Fred Becker outlined NAFCU's experience with having been phished. In a subsequent statement, NAFCU Associate Director of Legislative Affairs Dillon Shea said, "Unfortunately, phishing is an increasingly common crime. For victims, it can be extremely expensive and time consuming to pick up the pieces afterward. NAFCU is thankful the committee has decided to shed light on this issue and is working to ensure that consumers, law enforcement and financial institutions have tools to help combat the scam artists behind these crimes.
"Bachus held the hearing to address concerns that proposals before ICANN could compromise the ability of financial institutions to respond to phishing and ID theft." -scooke@cutimes.com
© Arc, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to TMSalesOperations@arc-network.com. For more information visit Asset & Logo Licensing.