I was reading this morning that the Federal Trade Commission (www.ftc.gov) is hosting an open discussion on phishing. I participated in two FTC roundtables several years ago, one on spam and one on spyware. I’m not sure what these roundtables actually accomplish, but it is somewhat heartwarming that our government wants to understand consumer fraud, privacy, and security on the Internet. Whether they can solve the problem or not, which I don’t believe they can simply because the problem is bigger than a single government, they usually post the transcripts afterward and they make for an interesting read.
The discussion is open to the public and will take place at the agency’s headquarters in Washington DC on April 1, 2008. Experts from business, government, technology, and academia will talk about how to educate the public about phishing and how to decrease risky online behavior.
User education is probably the best answer to phishing. Once users are taught the risk they understand not to give their info away. The same way you teach your children not to take candy from strangers, it’s time to teach them not to visit suspicious web sites.
Phishing is big business. I’ve read estimates ranging from hundreds of millions to several billions lost in phishing related fraud.