Phishing continues to occupy the news this week, first with the breakup of a nearly 100-person phishing gang in the US and Egypt, and now with the anecdote recently told by FBI Director Robert Mueller about his own near capitulation to a phishing attack.
Mueller's story is particularly interesting in that the phish site seemed "perfectly legitimate." I don't know what the site was, but I have to suspect that either Mueller is among the one third of the population using a pre-EV browser, or his particular bank is one of the laggards that has not adopted EV SSL. While the slant of the news stories I've seen has been "Don't feel bad, it can even happen to the chief of the FBI," my takeaway is subtly different. The reason it can happen to the chief of the FBI is that he hasn't been given the tools to tell the difference between real and fake. You can see for yourself how hard it is if you take our Phish-or-No-Phish Challenge.
And as a last bit of fun on this busy phishing news week, I appeared on Las Vegas television yesterday. Enjoy.