Consumer Group Casts Wider Phishing Net

U.S. consumer advocacy group National Consumers League (NCL) has updated its anti-phishing education site with new e-mail authentication information for consumers. was created two years ago by the NCL to increase public awareness about e-mail authentication and certification, and to help consumers recognize phishing attempts. Phishing is the practice of online identity thieves posing as a bank or other trusted entity to lure users into providing account numbers, passwords or other personal information.

The site outlines the various forms a phishing attempt might take, such as an e-mail purporting to be from a consumer’s bank asking for verification of passwords or PIN numbers. It teaches users what to look for, such as mismatched “from” addresses, misspellings in the copy, or banks asking for account information they already have.

This week, the NCL has added some new information to the site explaining efforts by ISPs to filter out phishing messages using authentication and accreditation services. To tackle explanations of these issues, the NCL sought the help of reputation and accreditation provider Goodmail, which reviewed the educational information to the site.

The content is vendor-neutral, with no intention to promote Goodmail’s solution over others, according to Susan Grant, the NCL’s VP for public policy. “We are really promoting the adoption of e-mail authentication and certification technology, and not promoting any particular solution over another,” Grant told ClickZ. “We want to enrich the content on the site even more, and would be interested in talking to other industry leaders about working with us to do that.”

Last September, the NCL convened an “anti-phishing retreat” with several stakeholders, including consumer groups, academics, financial services firms, ISPs, security software providers, and fraud-focused organizations like the Anti-Phishing Working Group, the National Crime Prevention Council, and the National Cyber Security Alliance. That summit resulted in the release in March of a 66-page paper outlining key recommendations that form a comprehensive plan to combat phishing.

A set of best practices specifically for ISPs and other mailbox providers was issued jointly by the Anti-Phishing Working Group (APWG) and the Messaging Anti-Abuse Group (MAAWG) in July.

Learn more about making the most of your e-mail marketing efforts at E-Mail Marketing, the first in the new ClickZ Specifics conference series, October 24-25 in New York City.

Related reading