Here is an interesting story.  Imagine a guy with no relation to security whatsoever who became one of the most respected authorities on identifying and capturing phishers.  I’ll tell you what, I certainly would not mind having a chat with this man.  With any luck, who knows: maybe he’ll write a book or something that helps detail how he cracks down on phishers.  I certainly would buy it…

Until just a few months ago, Gary Warner did not have the kind of day job you’d expect from an antiphishing crusader. He didn’t work for a security vendor or a bank, or any kind of company you’d expect to care about phishing.

Warner’s career as a cyber-sleuth began on Halloween 2000. That’s when his company’s Web site was defaced by a hacker named Pimpshiz as part of a pro-Napster Internet graffiti campaign.

“My boss came to me and said, ‘Find out who did this and put them in jail,’” said Warner, who was at the time an IT staffer with Energen, a Birmingham, Alabama oil and gas company.

It was an eye-opening experience. “I called the police and they were like, ‘What do you want us to do?’” he said.

Months later, when Pimpshiz struck servers at NASA, Warner reached out, calling staff there and saying “Hey, we know who this guy is. Here’s his name and address.”

Since then, Warner has quietly become one of the most-respected authorities on phishing in the U.S. — the kind of guy that federal agents and banking IT staff call when they want to know how to catch the bad guys and shut down their credit-card-stealing Web sites.

With Warner’s help, authorities eventually arrested Pimpshiz, whose real name is Robert Lyttle, in connection with the hacks.[more]

Tags: Good on the Net