Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Website Security Solutions
Showing posts tagged with phishing
Showing posts in English
Tim Callan | 31 May 2007 | 0 comments

The Anti-Phishing Working Group reports that it has documented an astounding 55,643 new phishing attacks in April 2007. That's the largest number of new phishing attacks ever in history and a fourteen-fold increase in eighteen months (up from 4000 in October, 2006).

Tim Callan | 17 May 2007 | 0 comments

In case you missed the news, today a massive phishing attack launched against the Dell brand and Dell.com. It continues a trend we've seen for a long time now where phishers continue to innovate about which online brands they will counterfeit and how they will create messages that trick consumers into giving up critical information. It's been a long time since the only phishing targets were major banks and PayPal. Utilities, lotteries, e-commerce sites, and social networking sites all get phished today.

Tim Callan | 01 May 2007 | 0 comments

Here's an interesting article on fraudulent use of Google Adwords to plant key loggers on client systems. It's an example of another crafty way that the criminal community is finding to exploit ambiguity about who you're connecting to. In this case the criminals were passing through a site that installed a key logger on the way to the real site. But it's equally easy to imagine setting up a bona fide phishing site or an entirely fake online store/bank/loan site/trading site to do the same thing.

Enter authenticated identity, AKA Extended Validation. Now when you click on an Adword that appears to be from a business you know, you have better methods of verifying that it's truly that business....

Tim Callan | 19 Apr 2007 | 0 comments

Welcome to this week's edition of Told-You-So Corner. Today's subject is the need for authentic identity with regard to online tax filing.

[Tim steps up on soapbox]

In the past I've spoken with many people (and blogged) about online tax filing as a vulnerability for phishing and other social engineering attacks. Well, this tax year we saw quite a spate of online activity that we could categorize as phishing attacks aimed at those seeking to file their taxes online.

Tim Callan | 08 Mar 2007 | 0 comments

Here's an article on the newest breed of phishing attack, which disguises itself as a communication on how to protect yourself against phishing.

Tim Callan | 14 Feb 2007 | 0 comments

When you sign up to check out the RSA keynote speeches, including VeriSign CEO Stratton Sclavos's presentation on security in the Any Era, make sure you check out the selection from Friday called "Phish or No Phish." Host Hugh Thompson shows us an interesting exercise where the security professionals in the room are trying to choose between phishing messages and real messages. Over a quarter of them pick the wrong message, which Hugh points out as very significant.

There's also some insightful discussion of marketing security online and the value of so doing. Both these points are relevent from the perspective of Extended Validation SSL and the...