Phisher’s getting sneakier



The SecurityFix reports on this clever two-factor authentication phishing attempt. They were looking for Citibank Business customers and in addition to username password information they were looking to verify a supplied token. The bottom line is that phishers will look to find any way possible to social engineer you out of your information credentials, whether they’re one-factor, two-factor or three factor, etc….. It appears as though it was a well done phish with a few exceptions and that it even checked some credentials by the citicard site giving an error message if you entered invalid login info.


For things like this, I really think phising toolbars can be a great help. I like Netcraft’s toolbar. Of course, the best defence is awareness and caution. (Likely those that are aware of the phishing scams and cautious about entering login data on just any site are more likely to have an anti-phishing toolbar….)

Related Posts

Blog Traffic Exchange Related Posts
  • The perils of Metadata in documents Loose lips sink ships, so the old saying goes. These days documents are emailed back and forth and many times, revisions are made to "polite the text" up or "sanitize" or "redact sensitive information". With many file formats though, the metadata about the revisions (or even the old versions of......
  • Sun Java security updates/ Windows software update rant... Incidents.org has the story on Sun's release of new versions of the Java Runtime Environment and the Java SDK to fix some remote security vulnerabilities. These security vulnerabilities could allow malicious, untrusted code to compromise a user's computer. Sun recommends that users update to the newest version of the SDK......
  • Registrars not verifying contact information on domains? According to a GAO report one of the reasons that phishing and scam websites are because of a lack of enforcement and policing by registrars of accurate contact information. According to their study over 5% of sites had been registered with false data. ~2.5% had been registered with incomplete information.......
Blog Traffic Exchange Related Websites
  • Podcasting Made Easy A podcast is probably the easiest way of getting your voice or music over the internet, and this article will tell how to make a podcast. You will need a domain and a host for you site if you don't already have one. You can get a domain from places......
  • Looking for a Financial Planner or Advisor? Start Here. A New Era Dawns in the Need for Personal Financial Planning¬† As the chaotic behavior in the markets subsides, and with increased regulation of financial services on the horizon, a new era in retirement planning and financial planning will likely set in.¬† Tax rates will have to sharply increase to......
  • Tips for Getting Advertisers for Your Site [/caption] Direct advertising is one of the best ways of monetizing a website. However, getting advertisers for your website and eventually closing the deals, is not a simple matter. The following are some things that will attract advertisers to your website. A popular site Before getting direct advertising offers,......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site