Phisher’s getting sneakier



The SecurityFix reports on this clever two-factor authentication phishing attempt. They were looking for Citibank Business customers and in addition to username password information they were looking to verify a supplied token. The bottom line is that phishers will look to find any way possible to social engineer you out of your information credentials, whether they’re one-factor, two-factor or three factor, etc….. It appears as though it was a well done phish with a few exceptions and that it even checked some credentials by the citicard site giving an error message if you entered invalid login info.


For things like this, I really think phising toolbars can be a great help. I like Netcraft’s toolbar. Of course, the best defence is awareness and caution. (Likely those that are aware of the phishing scams and cautious about entering login data on just any site are more likely to have an anti-phishing toolbar….)

Related Posts

Blog Traffic Exchange Related Posts
  • Protecting yourself from Phishing attacks OK - well if you know what phishing is. You may already be ahead of the game. By now you've probably seen the messages. From:security@yourbank.com to:youremailaddress@isp.com subject:Security breach of your account text: It has come to our attention that there have been numerous ip addresses attempting to access your account......
  • 3 Critical Microsoft Updates, 1 Important, 1 Moderate and 1 re-released Looks like an interesting patch day. Looks like there are several bugs covered by the cumulative IE patch... Sans has a good writeup (7 CVE issues addressed by this 1 patch....) Also the Eolas ActiveX settlement ("Eolas Patent Patch") solution seems to be included in this bundle. Also a MDAC......
  • Registrars not verifying contact information on domains? According to a GAO report one of the reasons that phishing and scam websites are because of a lack of enforcement and policing by registrars of accurate contact information. According to their study over 5% of sites had been registered with false data. ~2.5% had been registered with incomplete information.......
Blog Traffic Exchange Related Websites
  • Navigating Hunting Sites There are thousands and thousands of hunting sites online. Someone who enjoys hunting and surfing the Internet could spend weeks just discovering new sites and evaluating them. Because so many new sites go up each day, it would be a never ending pursuit. But because there are so many, that......
  • Phishing, Smishing and Vishing: Tips to Help Your Customers Avoid These Scams It sounds like the title of a nursery rhyme you've never heard of, but phishing, smishing, and vishing are the most prevalent methods of identity theft likely to affect your customers. Your business relationship could be at risk too in the event that it's your information cache that was stolen......
  • New Social Security Calculator for Estimating Retirement Benefits The questions and debates about when to start receiving Social Security retirement benefits continue to rage. The news coming from DC about deficit reduction and increasing the debt ceiling has made things worse. While this is going on, new concerns have arisen about changes that may come to the Social......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site