I don’t really need to introduce this piece from Sam Varghese of the Sydney Morning Herald. It touches on a theme I’ve harped on before: How banks still don’t understand phishing and how it has changed consumer attitudes, and how it must change the way banks approach the Internet. Phishy behaviour or harmless spin points… Read More »
Last week I wrote in my WSJ.com/AWSJ column (sub required) about the cross site scripting phish I received a few weeks ago (it appeared late because of the Easter holiday.) The point I made in the column is that most of the browser toolbars designed to prevent phishing failed to warn the user of the… Read More »
More evidence that phishers are widening their net. Munir Kotadia of ZDNet Australia reports that Yahoo’s free instant-messaging (IM) service is being targeted by phishers in an attempt to steal usernames, passwords and other personal information. Yahoo confirmed on Thursday its service was being targeted by a phishing scam. According to the search giant, attackers… Read More »
Saw a chilling presentation today from Fabrice A Marie of FMA-RMS at the Bellua Cyber Security Asia 2005 conference in Jakarta. Fabrice talked about Hacking Intenet Banking Applications, something he does for a living on behalf of banks around the region. Bottom line: They’re easy to hack. Of 15 banks’ application assessments he worked on… Read More »
I gag to think of the implications if no one is doing this, but so far I don’t get any feeling that, at least in Asia, anyone is. We need a banks’ charter to keep customers’ private data private and safe. Why? Banks continue to be cavalier with our personal information, reflecting not only a… Read More »