Phishing

Sep 19th, 2006

Comments: 0
Category: Phishing
Read More

Malware to defeat virtual keyboards

Banking Trojan Captures User’s Screen in Video Clip A good write-up and video of malware designed to capture information from users using virtual keyboards. It’s just another indication that banks and other E-Commerce sites will need to come up with something more robust if they really want to make phishing impractical for attackers… Personally I’d […]

Jul 11th, 2006

Comments: 0
Category: Phishing
Read More

2-Factor Auth in banking Attacked

Security Fix – Brian Krebs on Computer and Internet Security – (washingtonpost.com) Post about a MITM attack on Citibanks two-factor authentication system. The relaying of error messages from Citi by the attacker is a nice touch as it makes it seem a lot more legitimate… Well not really a surprise that the attackers have worked […]

Feb 22nd, 2006

Comments: 0
Category: Phishing
Read More

noooooooo.

Schneier on Security: Impressive Phishing Attack Wow phishers with genuine SSL certs, issued by Certificate authoritys that are installed, by default, in every browser on the planet… Just goes to show, when there’s money involved the criminals will evolve and get real smart real quick… As to the SSL cert providers assertions that they rigourously […]

Nov 17th, 2004

Comments: 0
Category: Phishing
Read More

couple of Interesting phishing Stories

First one’s the story that Phishing scam forces NatWest services offline – vnunet.com. What I find somewhat odd about this is that they took the step of disabling some functionality on their site… They must have had quite a few of these scams by now and I find it hard to believe that they’re disabling […]

Nov 2nd, 2004

Comments: 0
Category: Phishing
Read More

Article looking at some of the defences against phishing

There’s an article over at InfoWorld looking at the various measures that companies have been using to try and mitigate the current rising trend in phishing attacks. My money’s on server-based mitigations as opposed to client-based ones (like the anti-phishing toolbars mentioned in the article). There are several good reasons for this. 1. Companies don’t […]

Jun 24th, 2004

Comments: 0
Category: Phishing
Read More

Another anti-phishing initiative

There’s an article about a MasterCard program which combats phishing. I’ve got to say that I’m not that impressed by this kind of approach to combating phishing. If what’s in the article is accurate it basically amounts to looking through content from the entire Internet for potential phishing scams and then shutting them down when […]