Phishers continue to exploit holes in spite of increased security

• Despite the continued efforts of researchers, security providers and online businesses to discourage phishing schemes and shut down related Web sites, some criminals are still able to flout the system and find ways to keep their illicit operations up and running.
• An example of one type of phishing attempt that still manages to frustrate do-gooders appeared online in early November, in the form of a Christmas-themed Web site that mimics the name, look and feel of online auctioneer eBay Inc. in an effort to steal its customers' account and password information.
• However, unlike the scores of unlawful sites discovered and successfully shuttered by eBay each month, this particular phishing site, which won't be named for the sake of protecting consumers, continues to exist as a nuisance.
• At the heart of the problem of taking this phishing site offline is the fact that the ISP and domain registrar responsible for supporting the Web page reportedly hasn't responded to requests from eBay and others demanding that the unlawful operation be pulled from the Internet.
• One of the first people to publicly identify the eBay Christmas phishing site and attempt to make contact with Joker.com was Richi Jennings, a representative for FixingEmail.org, a nonprofit group that works to educate consumers about the dangers of attacks borne by e-mail.
• "Usually these types of companies are good at responding to phishing and taking down sites, but in this case the company appears to be a black hole, which is really worrying."
• The combination of a believable copy of eBay's pages with the unresponsive ISP, and launched during the holidays, when more consumers are shopping online than any other time of the year, proves that phishing schemes are still a serious problem, Jennings said.