Blog article
See all stories »

An article relating to this blog post on Finextra:

Phishers take aim at MasterCard SecureCode

Security experts are warning of a new phishing scam in which fraudsters are targeting MasterCard customers with false promises of discounts on future purchases.


See article

Phishers take aim at Phishers fraud forum!

I’m always amused by security companies generating PR with a title such as “Phishers take aim at XYZ!”. So I was amused as well to see the article titled Phishers take aim at MasterCard SecureCode  

That’s because Phishers will hit ANYTHING these days. From good old banks, credit unions and building societies, through security programs and government portals, to social networks and online games. Youtube, Myspace, iTunes and World of Warcraft are constantly targeted by Phishing and crimeware. In fact, if your brand isn’t hit by phishers, you should start to get worried. The Phishing victim roll is the new Internet who’s who list.  

What people are less familiar with is the huge amount of inter-fraudster phishing. That’s right. “Phishers take aim at Phishers fraud forum!” is a title that shouldn’t come as a surprise. Some hardworking phishers do their honest day job of stealing credentials, and then comes a total crook and phish them for their fraud forum password so he can pose for them, buy accounts on their behalf without paying, and generally ruin their reputation. Some Trojans follow the same despicable practice: when a computer is infected by a botnet and the usual plethora of malware is injected into it, you always find some scavenging crimeware that waits until one of the legitimate Trojans intercepts a good credential. It then secretly sends a copy to its immoral operator. Which is totally not fair, I’m sure you’ll agree.

Trojan makers actually had to develop an internal encryption mechanism just to fight this type of unjust, parasite behaviour.  

The next ‘Phishing take aim at XYZ!’ wave bound to happen is enterprise emails; already when I get emails from corporate HR or marketing, I scrutinize every line to see whether it’s real or phishing.

4001

Comments: (1)

A Finextra member
A Finextra member 18 April, 2008, 11:33Be the first to give this comment the thumbs up 0 likes

I setup a free email account and within 24 hours I had received over 90 emails including phishing attempts to get something as simple as my phone number right through to bank account details.

Fortunately the anti-spam software did stop it, but also an email I wanted. I had to read all the subjects in the end anyway, so all the spam software really saved me from doing was moving them to the spam folder. I suppose I used almost equal effort moving the one I wanted out of the spam folder.

I can't say I would be inspired to pay much for that as a service really. 

I would like something useful such as to be sure that an email from my bank was genuinely from my bank because that would reduce the effects and profits from phishing.  What would I be willing to pay? No more than a 'cheap as chips' US cent per email message.

What would you pay to be sure that email was from your HR department? 

Uri Rivner

Uri Rivner

CEO and Co-Founder

Refine Intelligence

Member since

14 Apr 2008

Location

Tel Aviv

Blog posts

89

Comments

37

This post is from a series of posts in the group:

Online Banking

This community is for discussion of developments in the e-banking world, including mobile banking. This can include all the functional, business, technical, marketing, web site design, security and other related topics of Internet Banking segment, including public websites of the banks and financial institutions across the globe.


See all

Now hiring