As is so often the case, what appears to be an evil mastermind plot really turns out to be a petty criminal looking to support their drug habit. This is as true of phishers as it is of the armed muggers of yore. Interestingly, GE Capital helped to make the identity and financial account theft easy enough for even the most strung-out druggie to accomplish.

A plague of rogue Facebook applications that are stealing user credentials – such as usernames and passwords – has been sweeping Facebook in the past week. The phishing Facebook apps work the same way that many other applications do – including sending an email to your Facebook friends, with links to click on, and when you type in your username and password, BAM! Your login credentials have been stolen.

Not content with tricking victims into giving up private identity information via email, phishers are increasingly turning to text messaging to scam account numbers, credit card numbers, social security numbers, and more from their targets.

Stupid users are the worst problem on the Internet, according to this survey of more than 600 Internet users.

Firefox and IE both have site blocking (or at least, site warning) built into their current iterations. Google also does site blocking now. All do site blocking based on some metric, known only to them, that tells them that a site is more likely than not to be a malicious site, such as a phishing site, or a site loaded with spyware. The problem with site blocking browsers and site blocking search engines such as Google is that sometimes they get it wrong.

There has been a new rash of “Receipt for your payment to” eBay Paypal phishing spam which is intended to elicit a shock response causing the target to rush to log into their Paypal account to figure out why they are being charged hundreds to thousands of dollars for an eBay purchase which they know that they didn’t actually make.

Paypal has announced that they are going to block the Apple Safari web browser, along with a few other browsers. The online payment service, purchased by eBay for $1.5B back in 2002, in the good old days of rampant Internet mergers and acquisitions, has become a frequent target of phishers and hackers. Anxious to recapture their good name and to offer to sellers and buyers alike a more secure environment, PayPal plans to discontinue support for web browsers that do not include anti-phishing capabilities. If this plan goes through, PayPal will block Safari and older versions of Internet Explorer, Firefox, Opera, and Netscape.

Paypal phish are as common as the cold. Here, the newest one claims that there have been foreign attempts to log into your Paypal account, and explains that if it wasn’t you (which, of course, it wasn’t) you should click on the link to verifiy your identity. Where does the link really go? Not to Paypal, that’s for sure. In fact, it really goes to https://www.theinternetpatrol.com/brick-wall/, which is a very convincing Paypal phishing site.

Countless people have received email which appears to come from eBay, with the rather alarming message “eBay Unpaid Item Dispute for Item”, adding to the urgency with “Response Required”.
If you get one of these and your first response is “Huh? I don’t have any open items for sale at eBay” or even “Huh? I don’t have an eBay account”, you’re not alone. Because this is the newest phishing attempt to spoof eBay.

A new round of phishing spam, phishing for Gmail account information, along with your date of birth and citizenship, was unleashed on the Internet this week. “Warning!!! Account owner that refuses to update his or her account within Seven days of receiving this warning will lose his or her account permanently,” reads the subject.

Amazingly real looking phishing emails supposedly from the Better Business Bureau (BBB), and also “from” the IRS, are making the rounds. In the case of the BBB email, it claims that someone has lodged a complaint with the BBB against your business. This latest batch is particularly sinister because when you click on the link to look at the “complaint”, it downloads a particularly malicious keylogger on to your computer.

Lots of people are receiving a purported “customer notice” from eBay. It starts out “Please note that this is a system generated email.” And goes on to state that “eBay has sent you this message to remind you its time to update your account details.
To ensure your account continues to function normally it is recommended you update your details.” It looks very real, but it’s actually a phish originating from Moldova.

MySpace has announced that it has filed a lawsuit against the once (and future?) King of Spam, Sanford Wallace. MySpace says that Wallace “implemented a phishing scheme to falsely gain access to MySpace user profiles.

Wondering why your address bar (the URL bar – where you type the web address you want to visit) has turned green? Why you’re looking at a pop-up that says “Website Identification – VeriSign has identified this site as:” and “Should I trust this site?”?

The latest round in McAfee Antivirus heartache has people complaining that perfectly legitimate and innocent websites are being called “phishing sites” by McAfee. In addition, McAfee is wreaking havoc with Lotus Notes, causing computers to freeze, and locking programs, sometimes requiring a complete reinstall. And if your McAfee antivirus program identifies any of usersid.exe, imjpinst.exe, ecenter.exe, ntfstype.exe, adobeupdatemanager.exe, gtb2k1033.exe, 43gcjvgahnu44.ths, excel.exe or graph.exe as malicious files, well, don’t take its word for it, and don’t delete them!