MasterCard, one of several banks discovered to have flaws on their websites that would have allowed a phisher to capture passwords, says it has fixed the problem. American Banker Online reported (subscription required) last week that MasterCard International “has confirmed finding and fixing a flaw on its web site’s ‘Find A Card’ tool that could… Read More »
Welcome to the phishing worm. Korgo, a new worm that appeared last week, scans for random machines to infect and attack, using a vulnerability in Windows called the LSASS flaw which was discovered in April, according to Internet Week. Korgo, also known as Padobot, then sits on users’ computers waiting for instructions from home. Most such… Read More »
Singapore has netted a trojan phisher, the Straits Times reports. A Vietnamese computer engineering student at the National University of Singapore, Nguyen Van Phi Hung, has been charged under the Computer Misuse Act for tagging a keylogger onto an email invitation to fellow students to play an online game called ‘Bubble’. He then captured passwords… Read More »
Just in case any of you thought I was making up the domain names in this week’s column, here’s an email I received just now which illustrates how it all works. It’s from the same bunch of guys as all the domains listed in the column, and it looks like this: We received an email… Read More »
Speaking to Well Fargo Online’s Wendy Grover this morning, I realised there’s a dimension to the debate about pop-ups that hadn’t occurred to me before: Phishing. The central argument used by companies such as Wells Fargo in their long-running litigation against the likes of WhenU and Gator (now Claria) is that they confuse the user.… Read More »