Getting Into the Rhythm of Online Passwords
I started writing about phishing a long time ago, it seems now. It must be at least two years, I think, maybe more. Then it seemed a very obscure activity, and I can recall one editor being less than...
View ArticlePress 4 To Give Us All Your Money
I guess it had to happen: phishers are not only trying to snag you by setting up fake banking websites, now they’re trying to snag you by setting up fake switchboards too. Tim McElligott writes in...
View ArticleThe Anti-Phishing Gimmick
The boffins have spoken, and they’ve spoken right: Don’t use anti phishing toolbars, or at least don’t rely on them. (Anti phishing toolbars sit in your browser and supposedly warn you if you’ve been...
View ArticleClik here to view.
A Literate Scam
Good grammar is important, whether you’re pitching a story to a journalist or a scam to a dupe. Here are two examples: how not to and how to. First off, a PR pitch that endangers its credibility with...
View ArticlePhishing For a Scapegoat
It’s somewhat scary that more than 10 employees of a laboratory that works on security issues (including phishing) could fall for a phishing attack. The Oak Ridge National Laboratory, or ORNL, managed...
View ArticleWhaling in Singapore?
Singapore appears to be the source of a virus cleverly designed to hoodwink U.S. executives by appearing to be an emailed subpoena which mentions them by name, as well as their title. The SANS Storm...
View Articlelinks for 2008-09-15
About GroupLens | GroupLens Research GroupLens is a research lab in the Department of Computer Science and Engineering at the University of Minnesota. We conduct research in several areas (tags:...
View ArticleClik here to view.
Driver Phishing
Maybe because it’s early in the morning, but I fell for this little scam pretty easily. I’m going to call it “driver phishing” because it has all the hallmarks of a phishing attack, although it’s...
View ArticleClik here to view.
Why Banks Make It Harder To Play Safe
This just landed in my inbox: more proof, if it were needed, that banks are dumber than a sack of nails when it comes to security. Or they just don’t care: The email comes ostensibly from HSBC’s...
View ArticleClik here to view.
The Gmail Phish: Why Publicize, and Why Now?
This Google Gmail phishing case has gotten quite a bit of attention, so I thought I’d throw in my two cents’ worth. (These are notes I collated for a segment I did for Al Jazeera earlier today. I...
View ArticleThe Demise of the Anti-phishing Toolbar?
Must confess I missed this when it first kicked in, but could it be the nail in the ‘anti-phishing toolbar’ coffin? EarthLink lands a win, according to ZDNet, after being sued by a bank incorrectly...
View ArticleWhat’s Safe?
Another example of why you can’t really trust software to tell you whether a website is dangerous or not. The Register reports that a Trusted search software labels fraud site as ‘safe’: Digital...
View ArticleBruce on Phishing: It’s the Banks, Stupid
Bruce Schneier again talks sense, this time about phishing: Schneier on Security: Phishing Financial companies have until now avoided taking on phishers in a serious way, because it’s cheaper and...
View ArticleThe Phisher King is Back
I’m glad to report Australian phisher king Daniel McNamara has revived his Code Phish website which dissects phishing attacks and associated scams. He’s just taken a close peek at one ‘mule ad’ (as I...
View ArticleCupid’s (Possibly) Poison Arrow
Could Valentine’s Day be a phishing day? Internet Security Systems, Inc. reckons so, saying in a press release (no URL available yet) that the number of dating sites across the world has increased by...
View ArticleClik here to view.
Phishing and the Peril of Fonts
I’m amazed at how lax domain registrations still are, despite the fact that phishing is now so much a household word that even my mum’s heard of it. But here’s another trick being used to try to dupe...
View ArticleThe Gates Are Open, Phishers Welcome
I’m probably naive, but I’m gobsmacked that, nearly 24 hours later, a phishing website is still active despite my alerting the registrar and host of the domain in question. The only access was via a...
View ArticleDog Loving Phishers Learn from Nigerian Scammers
It’s interesting, if you like this kind of thing, to see how online scams learn from each other. Until recently I thought of the Nigeria 419 scam — where you’re contacted by some grieving African...
View Article
