The price of freedom, as they say, is eternal vigilance. A user called bitbully on the Bitcointalk Forums found himself 34 bitcoins poorer when he visited a site claiming to be a chat service connected with Mt. Gox, a popular bitcoin trading service. The site, wwwdotmtg(this is an o)x-ch(this is an a)tdotinfo (do not visit this site), apparently places a cross-site transfer order on the victim’s… → Read More
ENISA, the European Network and Information Security Agency, today called out drive-by exploits as the biggest, most increasing threat of the moment in the Internet landscape, amongst a sea of other all-too-familiar issues like worms, phishing and botnets. Spam, one of the oldest and most annoying aspects of being online, is the only threat that is on the wane, according to ENISA’s Threat… → Read More
Some 15 companies, including Google, Facebook, Microsoft, Yahoo, PayPal plan to jointly work on a standard for blocking phishing e-mails by verifying that they come from legitimate companies. It seems obvious that trusted, legitimate companies could come together to do this, but it’s only started happening in the last 18 months.
DMARC.org – or the Domain-based Message Authentication… → Read More
A hacking group calling themselves “Team Swastika” posted what they claimed was over 10,000 comprised Facebook accounts to Pastebin, a service that serves as an online clipboard. However, according to statements from Facebook PR, these email and password combinations don’t actually represent live Facebook accounts. Instead, it appears that the hackers obtained the accounts using common phishing… → Read More
From now on, any story about “hackers” or “hacking” will be accompanied by a link to the song “Halcyon And On And On,” as made famous by the movie Hackers. With that in mind: who made more money last year, Wall Street fat-cats or hackers? The U.S. FDIC says that online scams cost businesses $25 million last year. These scams include phishing and other associated nonsense, which you really ought to… → Read More
Project Honeypot has announced that they’ve collected one billion spam messages since they started in 2004. They have a pretty remarkable rundown of the trends for spammers in the last couple of years, including a look at the volume of product spam (V1AGRA, etc) versus fraud spam (419, etc). The majority of spam is still largely fire-and-forget, and only a relatively small percentage of spam is… → Read More
Come on, people. You’re probably aware of the big Hotmail scandal going on right now, what with some 30,000 account names and passwords having been leaked over the past few days. And now Gmail and Yahoo! e-mail accounts appear to have been compromised. The thing is, these leaks aren’t the result of a software glitch or anything, but the result of successful phishing attacks. I have one question… → Read More
Notice less phishing e-mail lately? There’s a reason, hot shot: the volume of phishing e-mail has dropped from 0.79 percent of all e-mail sent to 0.49 percent. If we’re looking at just “bad” e-mail, though, phishing scams still make up the bulk: 86.9 percent of “bad” e-mail was phishing-related this month. That’s down six percent from July. → Read More
There’s a phishing scam going around Xbox Live right now that promises free Microsoft points by visiting a Web site. After entering your XBL info in the Web site, it sends the same message to everyone on your friends list. Friends, it’s simply stealing your login info. You get no points, no glory, and you’ll annoy your friends in the process if you give up your info. To… → Read More
Careful with that next e-mail you get from the iTunes music store — it might be a ruse. A cunning attempt to trick you, as it were. According to Computerworld, People began receiving spammed messages yesterday telling them that they must correct a problem with their iTunes account, said Andrew Lochart, an executive at e-mail security vendor Proofpoint Inc. A link in the spam leads to a site… → Read More
Would all Web browsers considered safe by PayPal please take one step forward? Not so fast, Safari. PayPal is planning on barring usage of its site by browsers that don’t include Firefox-like anti-phishing features in the near future. This would include Safari and many older browsers, effectively giving Firefox and Internet Explorer the only real access to its site. Many other smaller… → Read More
[photopress:paypalsafari.jpg,full,right] PayPal, darling of the Internet, has warned its users to steer clear of Apple’s Safari Web browser because it doesn’t support anti-phishing technologies. (IE 7 and the upcoming Firefox 3.0 do, however.) Specifically, PayPal says Safari’s lack of support for Extended Validation Certificate, a technology that turns the address bar green when… → Read More
A shiny new Mac trojan was discovered yesterday, so best be careful when you’re surfing shady Web sites looking for “Disney” or other innocent-sounding things. The trojan, named OSX.RSPlug.A Trojan Horse by Intego, installs itself on your Mac disguised as a video codec. Once installed, it changes your machine’s DNS server to redirect all Web inquiries to malicious Web… → Read More
There’s no doubt that phishing has become a huge problem. If you legitimately bank online, use Paypal, or have an eBay account, it’s beyond my comprehension how you manage to tell the real e-mails and fake e-mails apart. But Mikko over at F-Secure has what seems like a foolproof plan to counter bank-related phishing scammers. Make a new top level domain called .bank. This new domain… → Read More
, now some unscrupulous bastards are sending out Lik-Sang phishing emails. An eagle-eyed reader sent us an email pretending to be from Lik-Sang that includes a “link” to PayPal. Our records indicates you can retrieve an additional $ 9,99 USD refund in your PayPal account. In order to successfully retrieve the refund please confirm your existing PayPal account on this page [link to… → Read More
Austin, TX
Seattle, WA
San Diego, CA
Menlo Park, CA
Disrupt Europe: Berlin Hackathon
Berlin, Germany
San Francisco
