Phishing and the Peril of Fonts

I’m amazed at how lax domain registrations still are, despite the fact that phishing is now so much a household word that even my mum’s heard of it. But here’s another trick being used to try to dupe those people who still remain gullible: change the “o” in online to “c” because in many email …

Continue reading ‘Phishing and the Peril of Fonts’ »

Well-Meaning Pressure Group Or Sleazy Promotional Gimmick?

Maybe I’m getting too wary, but when I received a press release from something called the Internet Security Foundation, I wasn’t convinced. And I’m still not. The email was provocative enough: The headline ran “Microsoft’s Policy Leaves Millions Open to Identity Theft; Internet Security Foundation Releases Free Protection Tool”. An explanation followed that users were …

Continue reading ‘Well-Meaning Pressure Group Or Sleazy Promotional Gimmick?’ »

The Continuing Marvels Of Phishing

I continue to marvel at phishing attacks, and how they tweak themselves just enough to make you wonder hard about whether you can afford to ignore them. Take this one for example. Simple text email, no fancy graphics. But the URL looks real enough, the text makes you wonder whether someone has tried to access …

Continue reading ‘The Continuing Marvels Of Phishing’ »

More On Phishing And Top Level Domains

Further to my posting on top level domains being registered with clear criminal intent (the example I used was paypal.de.com, in ‘How to make a phish look real’) I just received this from Joe Alagna, Manager, North American Markets for CentralNic, the registrar for the TLD in question. Here’s his reply in full: I wanted …

Continue reading ‘More On Phishing And Top Level Domains’ »