I don’t really need to introduce this piece from Sam Varghese of the Sydney Morning Herald. It touches on a theme I’ve harped on before: How banks still don’t understand phishing and how it has changed consumer attitudes, and how it must change the way banks approach the Internet. Phishy behaviour or harmless spin points … Read more
Last week I wrote in my WSJ.com/AWSJ column (sub required) about the cross site scripting phish I received a few weeks ago (it appeared late because of the Easter holiday.) The point I made in the column is that most of the browser toolbars designed to prevent phishing failed to warn the user of the … Read more
More evidence that phishers are widening their net. Munir Kotadia of ZDNet Australia reports that Yahoo’s free instant-messaging (IM) service is being targeted by phishers in an attempt to steal usernames, passwords and other personal information. Yahoo confirmed on Thursday its service was being targeted by a phishing scam. According to the search giant, attackers … Read more
Saw a chilling presentation today from Fabrice A Marie of FMA-RMS at the Bellua Cyber Security Asia 2005 conference in Jakarta. Fabrice talked about Hacking Intenet Banking Applications, something he does for a living on behalf of banks around the region. Bottom line: They’re easy to hack. Of 15 banks’ application assessments he worked on … Read more
I gag to think of the implications if no one is doing this, but so far I don’t get any feeling that, at least in Asia, anyone is. We need a banks’ charter to keep customers’ private data private and safe. Why? Banks continue to be cavalier with our personal information, reflecting not only a … Read more