AOL Announces Aggressive New Steps to Combat Phishing, Identity Theft

America Online today announced a range of aggressive new steps tohelp protect AOL members from "phishing" attacks -- the use offraudulent e-mail and fake web sites to gather sensitive personalinformation from users. New partnerships with leading anti-phishingcompanies MarkMonitor and Cyveillance, and an expanded agreement withexisting partner Cyota, now offer AOL members multiple layers ofinvisible protection against phishing attacks. Through those defenses,AOL announced it is now blocking roughly eight million phishingattempts against its members each day.

Among the strategies that AOL is now employing as a result of thenew and expanded partnerships with those companies:

-- Early warning systems that check newly-registered domains to see if they mimic legitimate site names, indicating they may be used for phishing.

-- Web crawling systems that constantly explore the Web looking for suspicious sites that imitate the text or appearance of real sites.

-- URL analysis that checks more than a million suspicious URLs referred by AOL members each day to determine if they are phishing sites.

-- Take down efforts that work with system administrators and web hosting providers worldwide to remove known phishing sites from the Web.

-- Technical countermeasures that target fraudulent sites to help reduce the risk of personal information being gathered on those sites.

-- Round-the-clock blocking of member access to newly discovered phishing sites by AOL's security and mail operations teams.

This effort comes on top of AOL's existing efforts to protectmembers from phishing attacks by blocking millions of e-mails each daythat contain links to known phishing sites before they reach amember's mailbox, as well as blocking member access to known phishingsites through the AOL (R) client.

"The only difference between a phisher and a mugger is that aphisher uses a keyboard and not a gun," said Tatiana Platt, AOL SeniorVice President and Chief Trust Officer. "Phishing and identity theftcrimes cost consumers billions of dollars each year, and we will doeverything in our power to protect our members from the onlinecriminals who would prey on them. We are proud to be teaming up withthe world's best cyber security firms to add these extra layers ofprotection for our members."

To help identify potential phishing sites, AOL uses memberfeedback through the millions of e-mails referred via the "ReportSpam" button, as well as input from a range of other internal andexternal sources. When a phishing site is identified, AOL works toblock incoming e-mails containing the URL to that site, as well aslimiting access to the site through the AOL software. In addition tofraudulent web sites that attempt to spoof pages of the AOL (R)service, AOL also works to protect members from scam sites thatimitate other legitimate companies such as banks, credit card issuers,online auctions, and online payment facilitators.

"We are pleased to partner with AOL to make the Internet safer forconsumers," said Mark Shull, CEO of MarkMonitor. "This is acomprehensive effort, which leverages MarkMonitor's strongidentity-based fraud detection and response capabilities, as well asour deep experience in identity protection for corporations. As aresult of this aggressive program, millions of AOL customers can feelmore secure and confident in accessing the Internet for the purposesit was intended."

"Phishing is one of the fastest growing forms of online crime andfraudulent destination sites cannot be detected or combated usingtraditional security tools. We are pleased to partner with AOL toprovide robust detection and protection services that add a solidlayer of defense for its members," said Panos Anastassiadis, CEO ofCyveillance. "Cyveillance is dedicated to developing technologysolutions to protect our customers against increasingly sophisticatedthreats and will continue to expand our technology to protect againstthe myriad of new dangers on the Internet."

"Over the past six years Cyota has developed an array of onlinefraud and authentication solutions deployed today by seven of the topten banks in the country," said Amir Orad, Executive Vice President atCyota. "We are excited to take our AOL partnership to the next levelas part of our ongoing battle against evolving online threats. Our24x7 Anti Fraud Command Center works on behalf of AOL and over 40large bank clients to shut down phishing sites, and mitigate thedamages of these online attacks."

In addition to the expanded efforts announced today, AOL hasdeployed a range of other tools and strategies - both visible andbehind-the-scenes - to help protect AOL members from phishing scams.Among them:

-- AOL Official Mail: AOL is the only ISP to use special markings that cannot be copied as a way to identify official AOL company mail for members.

-- Spam Blocking: Our aggressive efforts to block spam also protect members from millions of phishing attempts, which typically are done via mass e-mail attacks.

-- AOL Money Alerts: Members can choose to receive alerts about unusual account activity on their registered bank accounts or credit cards, offering an early warning system of possible identity theft.

-- Account Lockdowns: AOL continuously monitors its network for potentially compromised accounts. If discovered, AOL blocks access, and an AOL member services representative helps the member secure their account.

-- Member Education: AOL notifies members in every email and IM window that AOL staff will never ask for their password or billing information. And they can access tips about scams at AOL Keyword: Phishing.

-- Disabling Links in E-mail: AOL automatically disables links to Web pages in e-mails from unknown senders to prevent members from accidentally clicking on a phishing scam or virus. (The member can choose to activate those links after reviewing the mail).

About America Online, Inc.

America Online, Inc. is a wholly owned subsidiary of Time WarnerInc (NYSE:TWX). Based in Dulles, Virginia, America Online is theworld's leader in interactive services, Web brands, Internettechnologies and e-commerce services.

About MarkMonitor

MarkMonitor is the global leader in delivering comprehensiveonline corporate identity protection services, with a focus on makingthe Internet safe for online transactions. MarkMonitor's integratedBrand and Fraud Protection platform provides full life-cyclemanagement, including early warning, real-time detection, andinvestigation and response, to a wide and growing list ofidentity-based online security problems faced by corporations today.These solutions are enabled by a comprehensive brand and fraudintelligence network that monitors for inappropriate or fraudulent useof a corporate name or identity anywhere in the Internet, includingweb sites, search engines, major email systems, domain name systems,registries, message boards, blogs and chat rooms. For more onMarkMonitor, please refer to www.markmonitor.com.

About Cyveillance

Cyveillance provides online risk monitoring and managementsolutions to Global 2000 organizations. The company comprehensivelymonitors the Internet using patented technology to deliver earlywarning of risks to information, infrastructure and individuals. Armedwith this actionable intelligence and Cyveillance's immediatecorrective response capability, chief security officers canproactively protect their company's reputation, revenues and customertrust. Cyveillance counts over half of the Fortune 50 and threequarters of the top Fortune 500 companies in the financial services,pharmaceutical, energy, and technology industries as clients.

About Cyota

Cyota, Inc. is the leading provider of online security andanti-fraud solutions for financial institutions. Cyota's solutionsinclude fraud reduction tools for e-commerce and online banking aswell as anti-phishing services. Cyota operates in North America,Europe and Asia-Pacific with systems in use by thousands of globalfinancial institutions, including eight of the world's top 12 banks.Over 430 million accountholders are protected by Cyota's systems.Founded in 1999, Cyota is headquartered in New York with officesworldwide. For more information please visit www.cyota.com