Recommended: System Errors? Click here to Fix your PC »
Today, phishing, pharming and online fraud are growing as fast as online sales,which topped $136 billion in 2004 according to Forrester. Particularly hard hit aresmaller financial institutions like banks and credit unions as they are the new"soft target" or favorite of fraudsters as recently reported by The Washington Post,http://blog.washingtonpo st.com/securityfix/2006/02/the _new_face_of_phishing_1.html
This type of threat is part of a growing vulnerability directly related to the floodof low assurance SSL certificates that recently entered the market. These lowassurance certificates do not validate the legitimacy of the business entity, butrather these low assurance providers rely on automated validation processes whichonly check to be sure the applicant has control over the domain but does nothing toestablish the legitimacy of the business. As a result, fraudsters have a new, easychannel to procure the important gold padlock trust symbol to provide a veneer oflegitimacy to their site. These low assurance SSL certificates are damaging to theInternet Trust Model because consumers have no effective means to distinguishbetween a legitimate and fraudulent business.
"Comodo SVT is a revolutionary approach to authenticating Web content. With SVTtechnology deployed, the credit union discussed in the Washington Post article couldhave helped their customers mitigate the threat of this phishing attack," said MelihAbdulhayoglu, President and CEO of Comodo. "Consumers can now avoid most phishingand pharming attacks with a new level of free downloadable security. By making thisaccessible to all consumers, we believe that Web content verification will become atrusted and standard part of a consumer's online process. This will go a long way toreestablishing trust so consumers can feel more confident when doing businessonline."
High Assurance SSL certificates, like those issued by Comodo, validate the businesslegitimacy of the Website through established PKI (Public Key Infrastructure)security processes. These types of certificates are issued by CertificationAuthorities who adhere to strict standards to authenticate the validity of thebusiness behind the Website. With this type of business legitimacy vetting process,any phisher attempting to obtain an SSL certificate (and the trusted padlock icon)would be stopped.
Comodo's SVT technology provides consumers with an effective, "spoof-proof" means toestablish trust, authenticate identities and ensure a trusted transaction. Thedownloadable Verification Engine (www.vengine.com) distinguishes between "good" highassurances and "bad" low assurance padlocks. This level of authentication occursautomatically when a consumer goes to a secured or "https" session from an unsecuredWeb page by displaying indicators.
Secondly, during the browsing and transaction processes, consumers can verifyspecific Web content to verify site identity and authenticity. To authenticatecontent, consumers simply roll their mouse over the content they want toauthenticate and they will see a highly visible "green is good to go" border onverified content - virtually eliminating phishing and pharming trust threats.Importantly, since the verification process takes place outside the browser, itprotects consumers from mimic sites and attacks.About Comodo
Comodo is a leading global provider of Identity and Trust Assurance services on theInternet, with over 200,000 customers worldwide. Headquartered in Jersey City, NJwith global offices in the UK, Ukraine, Norway and India, the company offersbusinesses and consumers the intelligent security, authentication and assuranceservices necessary to ensure trust in online transactions.
As a leading Certification Authority, and in combination with the Digital Trust Lab(DTL), Comodo helps enterprises address digital ecommerce and infrastructure needswith reliable, third generation solutions that improve customer relationships,enhance customer trust and create efficiencies across digital ecommerce operations.Comodo's solutions include integrated Web hosting management solutions,infrastructure services, digital e-commerce services, digital certification,identity assurance, customer privacy and vulnerability management solutions. Foradditional information on Comodo - Creating Trust OnlineĆ - please visit:www.comodogroup.com.
