For the past 18 months
, engineers at PayPal, Google, Facebook, Yahoo, AOL, Microsoft and nine
other technology companies have spent their off-hours (and some on-hours) working hand in hand to tackle the problem that plagues them all: e-mail phishing
. The result is DMARC
, or, "Domain-based Message Authentication, Reporting & Conformance". It's not new, but puts SPF
to work in a new way
posted by Blake
on Jan 31, 2012 -
A thread at Apple's Support site
has popped up with frustrated users describing nearly identical iTunes account disruptions: up to hundreds of dollars of charges are being racked up by fraudulent buyers, using iTunes gift card balances and even credit card information to fund the purchases. [more inside]
posted by Khazk
on Mar 9, 2011 -
Want to teach the youngsters (or parents, or yourself) how to avoid phishing
scams? Anti-Phishing Phil
is an online-game that uses Phil the fish to teach just that. Apparently
it's more successful than a tutorial with the same information.
posted by dr. moot
on Sep 27, 2007 -
Spoiling Harry Potter:
Hacker claims to have spoiled the last Harry Potter book with a technique called spear phishing
. "We make this spoiler to make reading of the upcoming book useless and boring ... It's amazing to see how much people inside the company have copies and drafts of this book."
Let's see if we can discuss spoilers and spear phishing without actually spoiling anything here. Warning: The Wired link is safe, but it contains a link to the purported spoiler.
posted by Cool Papa Bell
on Jun 21, 2007 -
is an interesting idea -- take the basics of DNS, add a bunch of features
like caching servers, a phishing blacklist, and search engine fired off for misspelled domain names. Pretty handy and nice to see a service pop up where I thought browsers would someday fix (like typos). No software to install, just point your DNS at their IPs.
posted by mathowie
on Jul 19, 2006 -
Despite efforts to stop phishing
, they have continued to become more pervasive. While some tools
are helping combat the problem, they have done little to curb these activities. Cellphones, Yahoo IM and AIM were all recently hit by new types of attacks. The AIM attack was more sophisticated than previous versions and combined phishing with a worm that installed software that allows the attacker to potentially take over the comprimised machine. To complicate problems further, a vast majority of these scams take place in locations that make it difficult if not impossible to prosecute the operators.
Because of this, I was delighted to read about hackers that are defacing phishing sites
. While this is not legal either, it was some what satisfying to find out these asshats were getting a taste of there own medicine. Do any of you think a penny should be wasted persuing these hackers? If not, what are the legal implications in allowing hackers to attack some sites and not others?
posted by Mr_Zero
on May 26, 2005 -
Students go 'phishing' for user info
Indiana University grad students conducted an e-mail experiment
showing the ease of login, username theft. The "hack" outraged some, but raised questions about privacy and the public sphere. A blog
was created specifically to provide a forum for students involved in the study. The site lists comments
-- some grateful that they have learned about phishing, but most are furious.
posted by ericb
on Apr 27, 2005 -
There's always someone trying to get what's yours. They take advantage of the misery
of others, and if you're labeled a sucker
, then you could end up being deluged. Can you tell
what is real
posted by viama
on Feb 9, 2005 -
GMail not-so-safe Mail.
So apparentley GMail has a major exploit that's been discovered by an Israeli hacker. "Using a hex-encoded XSS link, the victim's cookie file can be stolen by a hacker, who can later use it to identify himself to Gmail as the original owner of an email account, regardless of whether or not the password is subsequently changed."
And so the fun with GMail begins..
posted by mrplab
on Oct 29, 2004 -
Hackers target Cell Phones
With the connectivity of cell phones to the internet, hackers have begun to target cell phones, programming prank calls, placing calls to wherever and erasing the software in the phone.
posted by Lanternjmk
on Mar 11, 2002 -
The SEC has created a fake website
to try and educate the naive. I can't decide if this is a good idea, or if someone has too much time on their hands and is wasting my tax dollars.
posted by FreezBoy
on Jan 30, 2002 -