By combining a global threat detection network leveraging real-time reporting by trust-rated users with a unique fingerprinting methodology, Cloudmark is able to identify and begin blocking new spam, phishing and virus attacks within moments, versus hours or days required with competing solutions. Noted for industry-leading speed in detecting and deterring new threats, Cloudmark is uniquely capable of accurately identifying and blocking these spoofed-number attacks. The company detected two new VoIP-specific attacks this week. As a precaution, Cloudmark advises against dialing phone numbers received in emails from institutions and to double-check and dial the numbers printed on ATM cards instead.

Adam J. O'Donnell, Ph.D., senior research scientist at Cloudmark, says, "We've seen two separate VoIP attacks hit our network this week, the first we've been able to analyze in detail. In these attacks, the target receives an email, ostensibly from their bank, telling them there is an issue with their account and to dial a number to resolve the problem." Callers are then connected over VoIP to a PBX (private branch exchange) running an IVR system that sounds exactly like their own bank's phone tree, directing them to specific extensions. In a VoIP phishing attack, the phone system identifies itself to the target as the financial institution and prompts them to enter account number and PIN. "The result," O'Donnell surmises, "can be personally financially devastating."

Traditional content and identity rules based on volume analysis for capturing spam do not work for phishing threats: phishers move quickly, using and breaking down multiple sites to launch the same attack. VoIP-based services allow phishers to cheaply add and cancel phone numbers that are harder to trace than conventional numbers. The Cloudmark Collaborative Security Network's use of unique fingerprinting algorithms is able to identify the phone numbers used in VoIP phishing attacks. The CCSN first spotted and began to block these threats last week. It is characteristic of the network to automatically stop threats without the research team having previously identified them, and thus likely that the CCSN has been stopping VoIP-based attacks for some time.

Dr. Jose Nazario, a senior security engineer within the Arbor Security Engineering & Response Team (ASERT) at Arbor Networks Inc., a network security leader for global business networks, notes, "Cloudmark's large customer base gives them a unique position to detect and prevent phishing attacks, which are highly sophisticated, targeted, transient and dynamic, thereby making it far more difficult to uncover and capture the perpetrators. Leveraging their unparalleled data helps Arbor by enabling its customers to track and stop phishers mid-attack."

Rapid, Intelligent Detection

Cloudmark offers two distinct services to thwart phishers, including an anti-phishing data service that provides confirmed phishing URLs to its customers. The Cloudmark anti-phishing engine fits within the service provider's infrastructure to provide filtering protection at the messaging gateway from fraudulent email. It scans each message and computes a set of fingerprints on the message, a process that is automatic, lightweight and highly scalable for large volumes of email. Cloudmark's approach consistently proves faster and more accurate than competitive methods of relying on fingerprinting algorithms to analyze the structure of messages sent by phishers and block new attacks in advance of receiving URL reports.

About Cloudmark

Founded in 2001, Cloudmark Inc. delivers the industry's fastest and most accurate spam, phishing and virus detection solutions. The Cloudmark methodology leverages an optimized combination of automation, human intervention and real-time reporting by millions of trusted and rated users in more than 160 countries. Used by service providers, enterprises and desktop users worldwide, Cloudmark's award-winning solutions are marketed direct and through partners worldwide. A privately held, San Francisco-based company, Cloudmark sits on the steering committee of the Anti-Phishing Working Group (www.apwg.com). More information about Cloudmark, is available at: http://www.cloudmark.com.