Posts Tagged ‘Phishing’
The BBC reports that a phishing scam involving torrents has been uncovered. Their headline implies that it targets Twitter.
It doesn’t, not specifically. Twitter seems to have been responsible for revealing it.
The way it worked was really quite clever.
After “doing some digging” the firm (Twitter) found a network of compromised torrent sites that had been set up with the sole aim of stealing logon information.
“It appears that for a number of years, a person has been creating torrent sites that require a login and password as well as creating forums set up for torrent site usage and then selling these purportedly well-crafted sites and forums to other people innocently looking to start a download site of their very own,” said the firm.
The sites also contained security exploits allowing the person to steal usernames and passwords.
After a while, the malware would phone home with the list of usernames and passwords. The plan relied on the tendency of persons to use the same password for multiple sites; the phisher would then try the torrent passwords on other sites, such as Facebook and Twitter.
No Comments »The BBC reports that one person has been arrested for phishing identities so as to steal Runescape gold and treasure, which gets resold to other Runescape players; more arrests may be on the way. (Runescape is an onlline game I’d not heard of, but it seems to be a lot like World of Warcraft.)
It doesn’t look like much of an exchange rate:
Current underground exchange rates suggest that 2m Runescape gold costs about £6 ($10).
The gaming company, Jagex, is actively seeking help from and cooperating with the police:
“Players invest years of time and effort into developing their Runescape character so the theft of a Runescape account shouldn’t be treated differently to the theft of any other valuable possessions such as a games console, television or car,” he (Mark Gerhard. president of Jagex) said.
No Comments »The Guardian takes a long look at trends in malware.
Among the trends they note are these:
- Threats coming less and less from vandals and mischief-makers and more and more from organized crime, with increasing emphasis on money-making fraud and decreasing emphasis on breaking into systems just to show it can be done.
- Less dependency on stealth technology and more dependency on “social engineering” to deliver malware. In other words, as firewalls and other anti-malware programs have gotten better, the bad guys are developing more sophisticated ways to get users to throw open the front door and invite them in. (Scareware is an excellent example of this trend.)
The authors of the article also find a disconnect between the eagerness of some governments (the Guardian is a British paper) to clamp down on illegal file-sharing, as with “three strikes you’re out” laws, while doing little to fight purveyors of malware or spam. and asks:
The British government wants to stop filesharing to protect copyright owners, but shows no similar enthusiasm for protecting the general public from malware, which is arguably more important to us – and perhaps to the nation. After all, what happens to e-commerce if people don’t feel secure enough to buy things, do their banking or interact with government online?
No Comments »The Guardian reports that thousands of Hotmail accounts have been compromised in a phishing attack.
Hotmail users are urged to change their passwords immediately.
“Over the weekend, Microsoft learned that several thousand Windows Live Hotmail customers’ credentials were exposed on a third-party site due to a likely phishing scheme,” it (Microsoft) said.
“Upon learning of the issue, we immediately requested that the credentials be removed and launched an investigation to determine the impact to customers. As part of that investigation, we determined that this was not a breach of internal Microsoft data and initiated our standard process of working to help customers regain control of their accounts.”
I know one person who uses Hotmail.
In other news, my younger son tells me he has been unable to log into his Yahoo mail account. Both Opera and Internet Explorer throw an error message about an expired or invalid certificate. (He was away from a computer when I talked with him, so I could not browbeat him into replicating the error.)
The New York Times warns of a rash of phishing attempts on Twitter. Read the full story here.
An excerpt (emphasis added):
Facebook is no longer alone in its troubles. Twitter is also becoming a target of phishers. The last few days have seen a slew of Twitter phishing attacks, possibly orchestrated in a chess-like multi-move plan that resulted in three sets of victims and, very likely, some seedy profits.
(snip)
In a smooth move, the (phony–ed.) site’s address was tvviter.com (notice the double “v” and single “t”), likely an effort to reassure anyone who glanced at the address bar.
In his podcast, Jeffrey routinely warns listeners to take care and pay attention if they check out a website he has not yet personally had a chance to vet (and to let him know if you find something off key about it).
That is always wise advice.
No Comments »The Guardian reports that there’s a new kid in town, and he’s breaking windows via the Google. The story is here.
A computer virus that targets Google users is mutating rapidly, turning it into what some are calling the biggest threat to online security today.
The worm, known as Gumblar, attacks computers through vulnerabilities in some version of Adobe’s PDF reader and Flash player software. Once it infects a victim’s PC, it silently redirects the user’s Google search results to sites that download more malware onto the machine or allow criminals to conduct “phishing” attacks to steal login details for banking, social networking and websites.
The worm spreads from infected website. The story recommends the Unmask Parasites tool for scanning a site; I just scanned my own site and it came up clean.
Except when it’s not. From the New York Times:
“A list of user names and passwords for customers of Comcast, one of the nation’s largest Internet service providers, sat unprotected on the Web for the last two months.
“The list was 8,000 lines long, but Comcast said late Monday that just 700 of those lines contained information for active customer accounts.”
Read the full story with updates here. Comcast claims the document does not look like it came from them and might possibly have leaked from a phishing site.
No Comments »This week, we have on the Panel Brandon Mendelson and David Schenberg. We had a great “Before CES” show. Of course, the first hour we talked about the big shows of MacWorld and CES. We went on to discuss the Twitter phishing issues.
Hour 2, brought in a lot of talk about Netbooks, Bai du and the Chinese target at Internet Porn, FCC easing up on Filtering rules and a whole lot more. Brandon and David kept up some great conversation as I was starting to loose it. But I got my composure back and continued on.
Here is the Video:
Hour 1
I decided to take the Podcast outside since it was a nice day. If this works, we’ll do it again next week, too.
Computer Reload – Looking for investors – Listener Drive Continues
Try GoToMeeting free for 30 days – No CC needed: GoToMeeting.com/techpodcasts.
Get IT Certified – Careersaver.com – 25% off with Code “Geekazine” 877-654-2265
Hotline – 608-205-4378 – geekazine (at) gmail.com
Download the show
Subscribe: Zune – iTunes – TechPodcasts – Blubrry Read the rest of this entry »
Podcast: Play in new window | Download (23.9MB)
No Comments »HTML clipboardNew Webpage design – More work – Need Notebook – Writing more – Winner of iPod/Zune Contest
On this day: First Public Aquarium(1853), Star Wars: Ep 5(80), Atari7800(84), OSX Ships(01)
Try GoToMeeting free for 30 days – No CC needed: GoToMeeting.com/techpodcasts.
Buy an iMac – Apple.geekazine.com
Hotline – 608-205-4378 – geekazine (at) gmail.com
Download the show
Subscribe: Zune – iTunes – TechPodcasts – Blubrry
Podcast: Play in new window | Download (23.0MB)
Web browsers are just as debated as Operating Systems and Political affiliations. The Web Browser is the program that allows you to browse the web, so you want the best experience possible. And Just like Operating Systems you can also choose the web browser that you use. So which one is it? IE or Firefox. Maybe Safari? Maybe even Opera?
Podcast: Play in new window | Download (2.4MB)
Podcast (quickcast): Play in new window | Download (Duration: 5:12 — 2.4MB)
2 Comments »
Podcast
Loading ...
