Another Ratchet Up in the Phishing War

I must confess I’m not sure how it works, but it seems like an interesting, but potentially flawed, approach in the battle against phishing. German bank PostBank, IDG reports, has launched a new system to combat phishing, extending the existing German practice of using transaction numbers, or TANs: Until now, Postbank customers transferring money from …

Continue reading ‘Another Ratchet Up in the Phishing War’ »

Anti-Phishing Passwords

An obvious but effective technique against phishing, here: altering each password so it’s tied to the domain name of the site. Then, if you’re trying to sign in to a phishing fake site, the password won’t match and won’t work. Here’s the story from InformationWeek – Stanford Computer Scientists Unveil New Anti-Phishing Software : A …

Continue reading ‘Anti-Phishing Passwords’ »

A Honeypot To Catch A Phisher

Netcraft. the British Internet security consultancy, highlight a new Honeynet Report on Traffic to Phishing Sites, showing that despite months of intensive anti-fraud education efforts by the banking industry a lot of people still click on through to fraudulent phishing sites: The study of phishing scams hosted on cracked web servers from The Honeynet Project …

Continue reading ‘A Honeypot To Catch A Phisher’ »

Phishing Pushes Banking To Impose Transfer Limits

Internet banking takes another knock with news from AP that Germany’s biggest retail bank Postbank has imposed an online transaction limit . Germany’s biggest retail bank, Postbank, said Monday it was imposing a euro3,000 (US$3,860) limit on online transfers in an effort to protect customers against e-mail “phishing” scams. The bank, which has 11.5 million …

Continue reading ‘Phishing Pushes Banking To Impose Transfer Limits’ »

Phishy Behaviour Down Under

I don’t really need to introduce this piece from Sam Varghese of the Sydney Morning Herald. It touches on a theme I’ve harped on before: How banks still don’t understand phishing and how it has changed consumer attitudes, and how it must change the way banks approach the Internet. Phishy behaviour or harmless spin points …

Continue reading ‘Phishy Behaviour Down Under’ »

Phishing Your Yahoo! Account

More evidence that phishers are widening their net. Munir Kotadia of ZDNet Australia reports that Yahoo’s free instant-messaging (IM) service is being targeted by phishers in an attempt to steal usernames, passwords and other personal information. Yahoo confirmed on Thursday its service was being targeted by a phishing scam. According to the search giant, attackers …

Continue reading ‘Phishing Your Yahoo! Account’ »

The Phishing War Escalates

The guys at Netcraft, a British security consultancy that has done a good job of tracking, exploring and warning about phishing, say they’ve come across the first case of cross site scripting being used in the wild for phishing purposes. This isn’t as arcane as it sounds, since it allows phishers to make their lure …

Continue reading ‘The Phishing War Escalates’ »

Phishing And The Future Of Banking

Could phishing kill off online banking?   Probably not, but it’s likely to force greater regulation by central banks and others which will, reckon British-based Internet security consultants mi2g, mean “the next generation of electronic banking may have to rely on deeper layers of authentication that couple passwords with biometric security and smart card authentication.”   Mi2g estimate …

Continue reading ‘Phishing And The Future Of Banking’ »