Tag Archives: Daniel McNamara

The Phisher King is Back

I’m glad to report Australian phisher king Daniel McNamara has revived his Code Phish website which dissects phishing attacks and associated scams. He’s just taken a close peek at one ‘mule ad’ (as I call them) or job scam as he calls them: DHL Mail Job Scam.  These are efforts by the phishers to repatriate their illicit… Read More »

Fame At Last, Or Under Attack?

Here’s an example of how social engineering can be more important than technical sophistication. It’s an email with a credible from address, credible header, credible subject line, credible contents: From: john@flexiprint.co.uk Subject: Photo Approval Needed Hello, Your photograph was forwarded to us as part of an article we are publishing for our May edition of… Read More »

Putting Phishers In The Banking Frame

Phishers are smart, and banks are dumb. At least, it seems that way. Here’s another example of what’s called a cross site scripting vulnerability attack, which basically lures the victim to what seems, both in the phishing email and in the website it links to, to be a genuine website belonging to Charter One Bank.… Read More »

Phishing Gets Proactive

Scaring the bejesus out of a lot of security folk this weekend is a new kind of phishing attack that doesn’t require the victim to do anything but visit the usual websites he might visit anyway. It works like this: The bad guy uses a weakness in web servers running  Internet Information Services 5.0 (IIS) and… Read More »

Spam And Social Engineering

(Please see a subsequent post on this: Apologies for getting it wrong and thanks to everyone for writing in) Spam always surprises. This morning I got an HTML email from seemingly credible email address with just one line in it: http://drs.yahoo.com/jeremywagstaff.com/NEWS Hmmm, I thought, my name! I was almost going to click it, but then… Read More »