Not sure if this is new but I’ve not seen it before: A clever new piece of social engineering in a phishing email. You have added phoneseller@yahoo.com as a new email address for your PayPal account. If you did not authorize this change or if you need assistance with your account, please contact PayPal customer… Read More »
MasterCard, one of several banks discovered to have flaws on their websites that would have allowed a phisher to capture passwords, says it has fixed the problem. American Banker Online reported (subscription required) last week that MasterCard International “has confirmed finding and fixing a flaw on its web site’s ‘Find A Card’ tool that could… Read More »
Here’s an interesting — and troubling — variation on the phishing scam: Using country-specific domain name to make a phishing link look real. The problem for phishers has always been to conceal the fact that the link victims are asked to click on takes them to a website address that looks dodgy — either the URL… Read More »
Sometimes the usual checks to see whether an email is a phishing scam or not don’t work. Here’s an example. This morning I received a quite credible looking PayPal email. Of course it had all the hallmarks of a phishing scam too, but then again I’ve received some genuine emails I thought were phishers, so… Read More »
Here are some tools to help folk worried by all this identity theft/fraud/phishing thang. Protecteer LLC has today released SignupShield 2.0, an add-on for Microsoft’s Internet Explorer that, among other things “automatically creates a hard to guess password and a disposable email address, each time a user signs-up with a new Web site”. It then… Read More »