The Register, quoting AP, says that an Estonian man suspected of plundering millions from hundreds of online bank accounts accounts across Europe was arrested last week. AP reports that the unnamed 24 year-old allegedly used a sophisticated Trojan in order to monitor the keystrokes on victims’ PCs and extract confidential banking passwords that allowed him… Read More »
Here’s what Rick Brown said of his Inspector Brown anti-phishing toolbar in response to my questions about its failure to catch the cross scripting phish mentioned here: Our software works to protect our community of users and allow each user the ability to fight back against spam, phishers and online fraud. Yes, its true, not… Read More »
Stealing passwords in the old days used to involve shoulder surfing — cruising past the mark while s/he’s tapping in her/his password into the computer/ATM/cookie dispenser. But I had a scare today that made me realise that this is still a pretty easy way to get information. Newly landed in Hong Kong, I breezed over… Read More »
Here are the results of the toolbars that didn’t work out for me. Remember, the attack is clever enough to appear as a legitimate website in the URL box. The question is: Will the toolbar realise that’s not the only source of data appearing on the webpage? Earthlink’s Scamblocker toolbar came out neutral: The… Read More »
Last week I wrote in my WSJ.com/AWSJ column (sub required) about the cross site scripting phish I received a few weeks ago (it appeared late because of the Easter holiday.) The point I made in the column is that most of the browser toolbars designed to prevent phishing failed to warn the user of the… Read More »