The FBI is stepping up its fight against online fraud with an initiative called Operation Identity Shield, according to a senior official.
The project, which is already in operation, is one of a growing number of collaborations between the FBI and the technology industry. "It's sort of an evolution of what we've seen in the phishing area," said Daniel Larkin, chief of the FBI's Internet Complaint Center, speaking at the Black Hat USA conference in Las Vegas yesterday.
The FBI's antiphishing effort, called Digital PhishNet, was launched in late 2004 with backing from companies such as Microsoft, AOL and VeriSign, as well as the US Secret Service and the US Postal Inspection Service.
The FBI plans to publicise Operation Identity Shield in the coming months, but already Larkin credits the effort as contributing to a number of arrests.
Concerns over identity theft are on the rise. The US DoJ (Department of Justice) estimates that about 3.6 million families – about 3 percent of all US households – were hit with some sort of identity theft during the first half of 2004. This crime costs the US an estimated $6.4bn (about £3.4bn) per year, according to the DoJ.
The FBI realised in the late 1990s that the only way to fight cybercrime was through public-private sector alliances like Operation Identity Shield, but it's taken time to build trust between the two sectors, Larkin said.
By dedicating an agent to working with Carnegie Mellon University's CERT (Computer Emergency Response Team) and signing a memorandum of understanding to make it clear that the FBI would protect sensitive information, the two organisations eventually built a fruitful partnership.
After the attacks on the World Trade Center and Pentagon in 2001, CERT helped the FBI identify a virus in the email account of one of the 19 terrorists associated with the attacks. "We were able to reconstruct that virus and where it came from and develop some really valuable information," Larkin said.
That success led to a big change in the way the FBI tackled cybercrime, Larkin said. "We redefined what a task force was. We decided that we had to form public-private alliances."
Soon, the FBI was forging new partnerships, like the Slam-Spam initiative, which has identified about 100 criminal spammers since its inception. Another effort, called Operation Releaf (Retailers and Law Enforcement Against Fraud), has cracked down on 're-shipper' scammers who use stolen credit card information to have US goods shipped to west Africa and Russia.