Free Republic

An internet security expert is calling for better security on web-based email accounts after a recent surge in hack attacks. Hotmail, Google and Yahoo! have joined a growing number of email service providers whose users have been duped by hackers into giving over their passwords in phishing attacks. Phishing involves using fake websites to lure people into betraying personal details such as bank accounts or login names and other private data. Dr Mark Gregory, a senior lecturer in network engineering at RMIT, says internet security must improve as it is too easy for criminals to set up fake sites to...

Status: RO Return-Path: Delivered-To: newright@XXXXXXX.net Received: from freedomusa.org (unknown [208.2.67.197]) by mx03.roc.ny.frontiernet.net (Postfix) with ESMTP id 7E03E80CAC for ; Fri, 19 May 2006 13:33:09 +0000 (UTC) Received: from maildcarg1.dc-host.net.ar (maildcarg1.dc-host.net.ar [200.55.6.132]) by freedomusa.org (8.13.4/8.13.4) with ESMTP id k4JAe58w062296 for ; Fri, 19 May 2006 05:40:06 -0500 (CDT) (envelope-from larrysmith@naveganas.com) Received: from conversion-daemon.maildcarg1.dc-host.net.ar by maildcarg1.dc-host.net.ar (iPlanet Messaging Server 5.2 HotFix 1.21 (built Sep 8 2003)) id <0IZI00I01KIXX8@maildcarg1.dc-host.net.ar> (original mail from larrysmith@naveganas.com) for webmaster@XXXXXXXXXX.org; Fri, 19 May 2006 10:33:08 -0300 (GMT) Received: from dc-host.net.ar (localhost [127.0.0.1]) by maildcarg1.dc-host.net.ar (iPlanet Messaging Server 5.2 HotFix 1.21 (built Sep 8 2003)) with ESMTP id...

In a new twist on phishing, fraudsters are sending out e-mail that attempt to trick people into sharing personal information over the phone. Cloudmark, a San Francisco-based e-mail security company, said it has seen two separate attacks this week. In both cases, the spammed message warns of a problem with a bank account and instructs the recipient to dial a phone number to resolve it, the company said in a statement published Wednesday....

The U.S. Department of Labor said Wednesday it is working to fix a programming glitch in a U.S. government Web portal that makes it easier for phishers to trick people into disclosing sensitive information. The flaw was first exploited by phishers who, earlier this week, began sending out bogus e-mail messages asking for personal information, including social security and credit card numbers. The bug lets these phishers redirect URLs (Uniform Resource Locators) that use the GovBenefits.gov domain to fraudulent Web sites that are unconnected with the U.S. government. This redirecting flaw was first exploited just days ago by phishers masquerading...

The following is another wonderful phishing email I just received. The scary thing is that, according to the Houston Chronicle, about 5% of adults receiving a phishing email provided some sort of personal information to the phisher. Want to fight back? We'll break this phishing scheme down, show you how to trace back a phishing email, and -- in some cases -- alert the parties who, wittingly or unwittingly, provide phishing infrastructure...

Phishers tapping botnets to automate attacks By John Leyden Published Friday 26th November 2004 13:55 GMT Computer criminals are making phishing more potent by automating attacks. Anti-Phishing Working Group (APWG) analysts reckon fraudsters are using automated tools and botnets to ramp up attacks. It estimates attacks grew by an average of 36 per cent a month between July and October.Scam emails that form the basis of phishing attacks often pose as 'security check' requests from well-known businesses. These messages attempt to trick users into handing over their account details and passwords to bogus sites. The details collected this way are...

You know all about phishing scams, right? You know better than to click on a Web link embedded in an e-mail that purports to be from your bank, or to reply to messages requesting your user name and password. But if you think that's enough to protect yourself, think again. A phishing scam currently spreading online works without your ever having to click on a link; all that's required to activate the scam is for you to open an e-mail. And, many security experts warn, this threat may be a sign of things to come. "This style of attack is...