February 23, 2006

Phishing Makes a Comeback

Filed under: Consumer Outrage, Money Tip of the Day, Privacy/ID Theft — TBlumer @ 12:18 pm

Not that it ever really went away, but Brian Krebs' Security Fix blog at The Washington Post has read the latest report from the Anti-Phishing Working Group (APWG). It confirms what my junk mailbox, and occasionally my real inbox, have been telling me — attacks are on the increase:

The number of unique phishing sites jumped from 4,630 in November to 7,197 in December, a 55 percent increase. Online scam artists also targeted a wider range of companies in their phishing sites. One scam found at the end of 2005 targeted customers who shop at Wal-Mart’s Web site, telling them their accounts had been compromised.

….. That growth was spurred in large part by the discovery of two critical security flaws in Microsoft’s Internet Explorer browser — MS05-054 and MS06-001 — that allowed malicious Web sites to install software on the visitor’s computer. The APWG report said its members spotted hundreds of sites using exploits for those vulnerabilities to install keystroke-logging software.

In case you have no idea what phishing is, here’s the APWG’s definition on its home page:

Phishing attacks use both social engineering and technical subterfuge to steal consumers’ personal identity data and financial account credentials. Social-engineering schemes use ’spoofed’ e-mails to lead consumers to counterfeit websites designed to trick recipients into divulging financial data such as credit card numbers, account usernames, passwords and social security numbers. Hijacking brand names of banks, e-retailers and credit card companies, phishers often convince recipients to respond. Technical subterfuge schemes plant crimeware onto PCs to steal credentials directly, often using Trojan keylogger spyware. Pharming crimeware misdirects users to fraudulent sites or proxy servers, typically through DNS hijacking or poisoning.

Note the two different types.

The response to the first (social engineering) is easy: Don’t respond to e-mails supposedly originating from your financial institution, eBay, PayPal, or whomever.
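The "spoofed e-mail leading to a counterfeit website" pattern in the APWG definition usually leaves traces in the message itself: the link text shows a familiar address while the actual target is somewhere else, a trusted brand name is buried inside a look-alike host, or the link points at a bare IP address. The script below is an added example (it is not from this post, from Krebs, or from the APWG) that scans the HTML of a message for those three tells. The list of trusted domains, the sample message, and the hosts in it are constructed for the demonstration; the registrable-domain helper is deliberately simplified and assumes ordinary two-label domains.

```python
"""Flag common phishing tells in an HTML e-mail body (added example, constructed data)."""
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: the brands the reader actually does business with.
TRUSTED_DOMAINS = {"walmart.com", "paypal.com", "ebay.com"}

# Matches something that looks like a hostname inside visible link text.
DOMAIN_IN_TEXT = re.compile(r"\b([a-z0-9-]+(?:\.[a-z0-9-]+)+)\b", re.I)


def registrable_domain(host: str) -> str:
    """Crude 'last two labels' rule; fine for the .com-style hosts used here."""
    labels = host.lower().strip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


class LinkCollector(HTMLParser):
    """Collects (href, visible text) pairs for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def check_link(href: str, text: str) -> list:
    """Return a list of human-readable findings for one link (empty if clean)."""
    findings = []
    host = urlparse(href).hostname or ""
    target = registrable_domain(host)

    # Tell 1: the visible text names one domain, the href goes to another.
    shown = DOMAIN_IN_TEXT.search(text)
    if shown and registrable_domain(shown.group(1)) != target:
        findings.append(f"display/target mismatch: text says {shown.group(1)}, link goes to {host}")

    # Tell 2: a trusted brand name appears in the host, but the host is not that brand's domain.
    for brand in TRUSTED_DOMAINS:
        name = brand.split(".")[0]
        if name in host.lower() and target != brand:
            findings.append(f"brand '{name}' used in look-alike host {host}")

    # Tell 3: the link points straight at an IP address instead of a hostname.
    if re.fullmatch(r"\d{1,3}(?:\.\d{1,3}){3}", host):
        findings.append(f"link points at a bare IP address {host}")

    return findings


def scan_email(html: str) -> dict:
    """Map each suspicious href in the message to its findings."""
    collector = LinkCollector()
    collector.feed(html)
    report = {}
    for href, text in collector.links:
        issues = check_link(href, text)
        if issues:
            report[href] = issues
    return report


# Constructed sample in the style of the Wal-Mart lure the report describes.
SAMPLE = """
<p>Dear customer, your account has been compromised. Verify at
<a href="http://www.walmart.com.account-verify.example/login">https://www.walmart.com/</a>
or <a href="http://192.0.2.10/paypal/">PayPal</a>.
Help: <a href="https://www.paypal.com/help">www.paypal.com/help</a></p>
"""

if __name__ == "__main__":
    for href, issues in scan_email(SAMPLE).items():
        print(href)
        for issue in issues:
            print("  -", issue)
```

On the sample, the first link is flagged twice (text shows walmart.com, target is a different domain that merely contains the brand name), the second once (bare IP address), and the genuine PayPal help link passes. Checks like these catch the crude cases; they do not replace the rule in the paragraph above, since a message can pass all three and still be a lure.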

The second (technical subterfuge) is more difficult to defend against and requires, just for starters: a good firewall to prevent intrusions; never opening unknown e-mail attachments; keeping operating system and browser software up to date; if you are a Windows user, running two different brands of good spyware-removal software (two because the best brands are currently eliminating only about 80% of the spyware found, so two different brands “should” achieve about 95% effectiveness); and keeping your computer disconnected from the Internet when you are not using it.
