logo

phishing

Category: news | Posted by Avatar Staff 287 days ago
Via: http://lists.jammed.com | Tags: isn clevel executive phishing attacks on the rise comments Discuss  
http://www.informationweek.com/news/showArticle.jhtml?articleID=206103681By Thomas ClaburnInformationWeekFebruary 4, 2008Businesses and government agencies face a rising number of phishing attacks targeting high-level executives.The Anti-Phishing Working Group on Monday said that in November the identities of 178 financial institutions and government agencies, a new record, were co-opted by phishers in an effort to dupe victims into revealing information. This represents a 2.23% increase from the previous read more »
addto Add this link to... report Bury 
Category: vulnerabilities | Posted by Avatar Staff 282 days ago
Via: http://www.symantec.com | Tags: phishing attacks exploiting injection flaws importance application security comments Discuss  
As discussed in the past, cross site scripting (XSS) can be exploited by phishers to build really effective attacks. Today we have analyzed another similar attack that includes some enhanced features. The attack was exploiting an injection flaw in an Internet banking application, specifically located in the module used to display warning messages to users. The function took a single GET parameter: https://www.well-known-bank.com/popup.asp?msg=[ASCII_encoded_message_to_display] And then returned a page read more »
addto Add this link to... report Bury 
Category: vulnerabilities | Posted by Avatar Staff 282 days ago
Via: http://www.symantec.com | Tags: phishing phishing comments Discuss  
The Microsoft DNS Server spoofing vulnerability caught my eye this month, so I thought I’d delve into it a bit more. This isn’t a complicated issue by any stretch of the imagination, but it is an interesting one and has the potential to be quite lucrative for those of the less-than-nice variety, i.e. those individuals or groups who use phishing sites to trick us out of our hard-earned cash and learn our deepest and darkest secrets (not necessarily in that order). In a nutshell, the vulnerability allows an read more »
addto Add this link to... report Bury 
Category: news | Posted by Avatar Staff 274 days ago
Via: http://feeds.ziffdavisenterprise.com | Tags: black hat lifts cover id theft phishing networks comments Discuss  
p strong Researchers warn that the whack-a-mole approach to disabling fake banking sites is a huge waste of time. strong p ...Automate Software Builds with Visual Build Pro Easily create an automated, repeatable process for building and deploying software. read more »
addto Add this link to... report Bury 
Category: news | Posted by Avatar Staff 273 days ago
Via: http://go.theregister.com | Tags: hmrc data debacle bait phishing lure comments Discuss  
Poetic justice restricts success of feeble ruseA phishing attack targeting victims of the HMRC data loss debacle has been spotted on the net. The bogus emails offering recipient the false opportunity to claim a tax refund of £215 from the UK Government over the potential exposure of confidential data. The email contains a web link to a suspect site, reports security firm McAfee, which spotted the ruse.… read more »
addto Add this link to... report Bury 
Category: news | Posted by Avatar Staff 266 days ago
Via: http://go.theregister.com | Tags: will ev ssl stop phishing attacks not comments Discuss  
Green means good very littleSecurity vendors like VeriSign consider a new technology called EV SSL an important measure against phishing attacks. But two recent items suggest it will do little to stop skilled conmen from spoofing trusted websites.… read more »
addto Add this link to... report Bury 
Category: blogs | Posted by Avatar Staff 252 days ago
Via: http://www.symantec.com | Tags: phishing easter eggs comments Discuss  
There are hundreds of ready-for-use phishing kits available on the Internet. At the beginning of this month, a list with more than 400 links had been circulated on mailing lists and forums. Some kits are a compilation of different sophisticated scripts that can spoof many different brands at once and sometimes even bypass two-factor authentication schemas. However, the vast majority are simply archived copies of the original Web site, modified to include a small PHP script that will send the stolen credent read more »
addto Add this link to... report Bury 
Category: blogs | Posted by Avatar Staff 232 days ago
Via: http://www.websensesecuritylabs.com | Tags: game phishing revisited comments Discuss  
In October of 2006 we blogged (Stealing Fun for Profit) about the trend we were seeing with malicious code writers targeting users of online games, and the ways that they could make profits from attacking these customers. During the course of 2007 we tracked this trend in an ongoing fashion and saw it becoming more and more common. We aren't the only ones who have noticed this, so it's time to revisit the topic.As it turns out, these sorts of attacks have become so prolific that it's often easy read more »
addto Add this link to... report Bury 
Category: blogs | Posted by Avatar Staff 224 days ago
Via: http://www.symantec.com | Tags: istr xiii phishing spam trends comments Discuss  
Phishing is an attempt by a third party to solicit confidential information from an individual, group, or organization by mimicking ("spoofing") a specific, usually well known brand, usually for financial gain. Phishers attempt to trick users into disclosing personal data, such as credit card numbers, online banking credentials, and other sensitive information, which they may then use to commit fraudulent acts. During the second half of 2007, the majority of brands targeted by phishing attacks were in the read more »
addto Add this link to... report Bury 
Category: news | Posted by Avatar Staff 218 days ago
Via: http://go.theregister.com | Tags: miserly marks smart uk phishing fraudsters comments Discuss  
Attacks up, but losses downIncidents of phishing targeted against holders of UK bank accounts are up, but losses are down.… read more »
addto Add this link to... report Bury 
Category: news | Posted by Avatar Staff 216 days ago
Via: http://www.infoworld.com | Tags: paypal block users browsers stem phishing attacks comments Discuss  
PayPal, eBay's electronic payment service, plans to take the dramatic step of locking out people using older versions of Web browsers in order to stem phishing attacks. read more »
addto Add this link to... report Bury