This is quite a neat example of mule spam, or at least I think it is. A mule is someone who is lured, willingly or unwittingly, into moving money around for scamsters — often, but not always, phishers. Scamsters, you see, may be able to empty your bank account, but not always into an account in … Read more
I don’t really need to introduce this piece from Sam Varghese of the Sydney Morning Herald. It touches on a theme I’ve harped on before: How banks still don’t understand phishing and how it has changed consumer attitudes, and how it must change the way banks approach the Internet. Phishy behaviour or harmless spin points … Read more
Stealing passwords in the old days used to involve shoulder surfing — cruising past the mark while s/he’s tapping in her/his password into the computer/ATM/cookie dispenser. But I had a scare today that made me realise that this is still a pretty easy way to get information. Newly landed in Hong Kong, I breezed over … Read more
Here are the results of the toolbars that didn’t work out for me. Remember, the attack is clever enough to appear as a legitimate website in the URL box. The question is: Will the toolbar realise that’s not the only source of data appearing on the webpage? Earthlink’s Scamblocker toolbar came out neutral: The … Read more
Saw a chilling presentation today from Fabrice A Marie of FMA-RMS at the Bellua Cyber Security Asia 2005 conference in Jakarta. Fabrice talked about Hacking Intenet Banking Applications, something he does for a living on behalf of banks around the region. Bottom line: They’re easy to hack. Of 15 banks’ application assessments he worked on … Read more