Phisher’s getting sneakier



The SecurityFix reports on this clever two-factor authentication phishing attempt. They were looking for Citibank Business customers and in addition to username password information they were looking to verify a supplied token. The bottom line is that phishers will look to find any way possible to social engineer you out of your information credentials, whether they’re one-factor, two-factor or three factor, etc….. It appears as though it was a well done phish with a few exceptions and that it even checked some credentials by the citicard site giving an error message if you entered invalid login info.


For things like this, I really think phising toolbars can be a great help. I like Netcraft’s toolbar. Of course, the best defence is awareness and caution. (Likely those that are aware of the phishing scams and cautious about entering login data on just any site are more likely to have an anti-phishing toolbar….)

Related Posts

Blog Traffic Exchange Related Posts
  • Google Maps hybrid map seems more complete A short while back, I compared MSN Virtual Earth and Google Maps, one of the things I noted was that the hybrid feature of MSN's map was somewhat more complete, however I found a few errors. (The hybrid feature has a satellite image with road names and outlines superimposed over......
  • The perils of Metadata in documents Loose lips sink ships, so the old saying goes. These days documents are emailed back and forth and many times, revisions are made to "polite the text" up or "sanitize" or "redact sensitive information". With many file formats though, the metadata about the revisions (or even the old versions of......
  • Phishing test... So, I've talked a good deal about phishing scam emails and I had to read when I found this article at the sunbeltblog. They posted a link to a site with some tips on phishing, as well as a "test your phishing smarts" kind of test at mailfrontier.com. I HIGHLY......
Blog Traffic Exchange Related Websites
  • SANS Baltimore 2011, Baltimore, MD, Save $250 until September 7   This is your final reminder that SANS will be hosting hands-on security management, technical security, and computer forensics training at SANS Baltimore 2011 October 9-15! * Register & pay for any five- or six-day course by Wednesday, September 7, 2011, to receive up to a $250 discount and get......
  • Write better Google ads almost instantly Have you written Google ads that haven't produced the results that you wanted? Many of us have received Google Adwords credit either from their hosting company or from Google directly. Often times, we take that amount, create an ad in less than a few minutes and cross our fingers. Sure,......
  • Phishing, Smishing and Vishing: Tips to Help Your Customers Avoid These Scams It sounds like the title of a nursery rhyme you've never heard of, but phishing, smishing, and vishing are the most prevalent methods of identity theft likely to affect your customers. Your business relationship could be at risk too in the event that it's your information cache that was stolen......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site