Recently, Twitter implemented technology to help stem the threat of malicious URLs being propagated though its service. This approach seems to be a great effort on the part of Twitter to prevent attackers from tweeting malicious links.
It appears as if the tool is filtering tweets and comparing any embedded URL to their list of known malicious sites. Trying to determine whether a URL points to a malicious website in a large-scale automated fashion, especially in today’s threat landscape, is a challenging problem. From my perspective, there are a few issues that need to be worked out. Twitter is likely in the nascent stages of addressing these types of issues and we expect they will try to overcome the associated limitations.
To date we've only seen a relatively small number of attack attempts involving malicious URLs on Twitter. URL-shortening services are often at the heart of these types of attacks as bad guys try to take advantage of the system to disguise...
Part I on Friday discussed the early days of phishing from relatively harmless spam to targeting the financial sector and then to an increasingly professional operation with serious consequences for both organizations and individuals.
The threat evolves further
In a technical sense, phishing has evolved in a number of ways. Phishers are conscious of the different anti-phishing technologies out there – many of which employ block lists of suspicious Web sites. Block lists work by matching the URL that appears in the address bar of the Web browser with a list of known phishing Web sites. If there is a match, the user is warned. To get around that, in September 2006 many phishers started randomizing the sub-domain portion of the URL. While these URLs lead to the same site, no two are the same, and therefore the technique circumvents basic block lists.
Phishers are also privy to the fact that their pages are being viewed...
Symantec is celebrating its 25-year anniversary and, during the course of the company’s history, we’ve seen the threat landscape evolve continuously. Many of the threats we routinely address today were practically unheard of in the early days. While much of the activity back then was centered around viruses and other forms of malicious code designed to wreak havoc on customers' personal computers, today’s landscape now includes new threats that can wreak havoc on customers’ personal lives, stealing their money and also their identity.
One of these emerging threats is phishing. Phishing is a threat whereby attackers use social engineering mechanisms, in a fairly automated way, to trick victims into divulging sensitive data that can later be used to assume a victim’s identity on an online site or in a financial transaction. Throughout 2006, Symantec observed over 300,000 unique phishing emails and blocked these messages in nearly three billion phishing instances. Phishing...
