Chinese puzzle hampers banks' phishing fight

Ni hao

By John Leyden • Get more from this author

Posted in Spam, 3rd November 2004 12:03 GMT

Free whitepaper – Certify your software integrity with Thawte code signing certificates

Banks seeking to have phishing websites located in China taken down face a language barrier. According to senior IT security staffer at a merchant bank, China's security response team's sole staffer speaks Mandarin only.

Understaffing has seldom been a problem in the world's most populous country but a group of IT security staffers we spoke to at a First Tuesday event in London last night told us that China's CERT team was a one-man operation, at least in terms of how it appeared to those outside the country. "Luckily we had a Chinese speaker on staff that was able to speak to the chap who did whatever it is he does. The site was taken down quite quickly," a IT security staffer from Deutsche Bank told El Reg.

International response to taking down fraudulent websites varies enormously by country, we understand. A phishing website hosted in China or Russia can reappear in Cuba or elsewhere minutes after the first site is taken down. This is a key concern for banking security personnel, who - despite the limited financial losses to UK banks due to phishing attacks - are concerned about the potential of phishing attacks to tarnish brand reputations and turn consumers away from ecommerce. ®