Phishing has made it inadvisable for institutions like banks and financial sites to use email to communicate with customers. Doing so would just confuse them more and raise the likelihood they would be fooled by a phish. But what about ordinary institutions like schools and colleges? The Worcester Telegram & Gazette reported earlier this week (payment… Read More »
I continue to marvel at phishing attacks, and how they tweak themselves just enough to make you wonder hard about whether you can afford to ignore them. Take this one for example. Simple text email, no fancy graphics. But the URL looks real enough, the text makes you wonder whether someone has tried to access… Read More »
Further to my posting on top level domains being registered with clear criminal intent (the example I used was paypal.de.com, in ‘How to make a phish look real’) I just received this from Joe Alagna, Manager, North American Markets for CentralNic, the registrar for the TLD in question. Here’s his reply in full: I wanted… Read More »
Here’s an interesting — and troubling — variation on the phishing scam: Using country-specific domain name to make a phishing link look real. The problem for phishers has always been to conceal the fact that the link victims are asked to click on takes them to a website address that looks dodgy — either the URL… Read More »
Here’s a new kind of cellphone scam (via Mike Masnick of Techdirt, writing in TheFeature): WAPjacking (well that’s what he calls it, and I like it): Taking a page from the still popular redialer scam on PCs – where a secretive trojan tries to disconnect your modem (assuming you’re using dialup) and reconnect you secretly… Read More »