Category: Phishing
Something’s Very Phishy – Microsoft Files Trademark Lawsuits Against 117 Phishers
Microsoft this week filed lawsuits against 117 phishers. Using trademark law, Microsoft is claiming trademark infringement by the phishers, based on the phishers creating copycat websites which mimicked Microsoft sites, and which were intended to trick users into believing that they were visiting a true Microsoft site. The phishers could…
Yahoo Messenger Target of Effective Phishing Scam
A particularly effective phishing scam has targeted Yahoo Messenger this week. The reason it is so successful is because the phishing scam involves the Yahoo Messenger user being sent an IM message which appears to come from someone on the user’s Yahoo Messenger buddy list. Ouch. The message suggests that…
Phishers Use Wildcard DNS to Build Convincing Bait URLs – Spamfo
From Across the Pond, written by Andrew Robinson over at Spamfo: Phishing operations have begun using DNS wildcards and URL encoding to create email links that display the URLs of legitimate banking sites, but send victims to spoof sites designed to steal their login details. This may sound familiar as…
eBay Phishing Bug Allows Phishing Using Real eBay Web Addresses
eBay is working frantically to fix a bug in their software which allows phishers to do their phishing dirty work using real eBay URLs in their phishing efforts. eBay is calling the phish-friendly problem a “software bug” which can be used to create a genuine eBay link which in turn…
Endangered Gizmos – Only You Can Prevent Extinction
Who says that the Electronic Frontier Foundation (EFF) doesn’t have a sense of humour! Anybody who does will be handily proven wrong by a look at their new “Endangered Gizmos” list, over which anybody should get a chuckle (not to mention an education) no matter where you fall along the…
Phishmongers: WholeSecurity to Sell Phishing Alerts
Aunty has a firm belief that anybody who has a vested interest in charging money for keeping you safe from harm is likely to have a vested interest in perpetuating the threat of that harm – otherwise they run the risk of becoming obsolete when that harm is no longer….
Phishing Victim Sues Own Bank
Here’s an interesting question: if you are the victim of phishing, and are unaware that you have been phished, and as a result of that phishing, the phisher gets enough information to drain your bank account, who – other than the phisher – should be responsible for the loss which…
Phishing at Blackpool: Man Arrested
From Across the Pond, courtesy of Chris Hunter over at Spamfo: UK police have arrested a 21 year old man from Blackpool who is suspected to be behind an email phishing scam. The phishing attempts were aimed at UK online bank Smile who are part of the co-operative bank. The National…
New Email Scam Targets eBay Users
The newest spam scam to hit eBay users is a spam which is infected with what is known as a “keylogger”. When a user opens the infected email, which then has them log into their eBay account, it can record the keystrokes typed by the user, capturing the user’s account…
New After-School Job: Phishing Mule
Have you ever seen a phishing mule? No, it’s not a new act on Animal Planet. In this context “mule” is slang for a low-level operative in a criminal organization whose job it is to act as a courier for contraband – usually money or drugs. Authorities in Australia have…
Porn is Out, Drugs are In
Timothy Leary would be proud. As a nation we are turning away from lurid sex displays in which women are debased and objectified, and turning towards drugs. At least in our spam. According AOL, and based on a recent analysis of their incoming spam (and they should know, they get…
Windows Anti-Phishing Tool Free from Netcraft
Many of you have heard Aunty pile accolades on anti-spam program Cloudmark for their unique and highly effective way of stopping spam for their users: they have a network of several dozens of thousands of “reporters”, and when a certain number of them all report back to the Cloudmark mothership…
Digital PhishNet Initiative Announced by ISPs, Federal Agencies
Microsoft, AOL, Earthlink, and several other industry giants, along with the FBI, the FTC, the U.S. Secret Service, and the USPS announced today the formation of Digital PhishNet, a collaborative initiative designed to take phishers down by arresting and convicting them. “The key to stopping phishers and bringing them to…
Domain Keys “Adopted” by Phishers
Domain Keys is another flavour of email sender authentication, along with SPF and Microsoft Sender I.D., designed to help ensure that email which claims to be from Sender X is in fact from Sender X. Developed last year by Yahoo, and deployed last month, its primary purpose in life is…