Beware The Fear. The blizzard of coverage about phishing (usually involving some awful pun) has done a lot to raise awareness about the problem, but is it enough? A survey by Insight Express for Symantec of 300 people (no URL available yet, sorry) shows that while three quarters of folk are aware of spyware only… Read More »
Combatting phishing ain’t easy. So how does a new weapon, Inspector Brown, mentioned in a comment to an earlier posting here on phishing, shape up? Inspector Brown is a program that sits between you and your browser (IE, only, I think, but the documentation is minimalist, to put it mildly) and warns you if a… Read More »
I continue to marvel at phishing attacks, and how they tweak themselves just enough to make you wonder hard about whether you can afford to ignore them. Take this one for example. Simple text email, no fancy graphics. But the URL looks real enough, the text makes you wonder whether someone has tried to access… Read More »
Is phishing a phlash in the pan? No, says the the Radicati Group, Inc., in its new report, “E-mail Anti-Phishing and Anti-Fraud Market Trends 2004-2008”, which “provides market size, market share, four-year forecasts, technology trends, key solutions, and competitive information for the emerging e-mail anti-phishing and anti-fraud software market”. Phishing, it appears, is big business… Read More »
Sometimes security holes can be subtle rather than complex. Sidney Low of Aliencamel points out the vulnerability discovered by Secunia, called the Multiple Browsers Frame Injection Vulnerability. It’s a fancy term for a simple enough trick, where the bad guy hijacks a frame in a legitimate webpage (a frame is one portion of a webpage… Read More »