Forget About That "Secret" (and Invisible too, now) Corny Corner-Ribbon's Drivel! The Real Secret is HERE Indeed - not over there!

Friday, May 27, 2005

Phishing twist relies on bogus blogs

Freaky Friday material right here, folks... or should I say/type/write... ''phreaky phriday phishing'' *lol*
It appears that even something as innocent as a blog can in fact (phact?) be a ''malicious virus writer's attempt to phish'' - and you are the prized catch he's after!!! Yikes. If, in this day and age, one is not safe even in the supposed-to-be innocuous surroundings of a BLOG... where can one be truly 100% safe anymore?!?
Online or offline...! Huh? HUH? *lol*

Rest assured though, faithful readers, that on the luminous blog there is nothing phishy going on - at all... ever! No phishing allowed on luminous land - except that of souls mayhaps...! ;)

Comments:
Phishing twist relies on bogus blogs
Last modified: April 12, 2005, 8:27 AM PDT
By Dawn Kawamoto
Staff Writer, CNET News.com

A new form of phishing is taking shape and riding on the growing popularity of blogs, security company Websense said Tuesday.

Malicious virus writers are attempting to lure people to malicious blogs using enticing e-mails and instant messages, according to a new report from Websense. Once a person arrives at the blog, which can be posted on a legitimate host site, the victim's computer becomes infected with software designed to steal sensitive information, such as passwords and bank account information.

"These aren't the kind of blog Web sites that someone would stumble upon and infect their machine accidentally," Dan Hubbard, Websense senior director of security and technology research, said in a statement. "The success of these attacks relies upon a certain level of social engineering to persuade the individual to click on the link."

In the past four months, Websense has detected hundreds of cases where blogs were used to store malicious code and infect users' computers. Malicious virus writers are attracted to blogs not only because the medium's popularity is growing, but also because of the free storage often provided by the host site and the lack of antivirus protection provided for these posted files.

Websense said that as of Tuesday, there are 210 active bogus blogs. The company also notes that the average lifespan of one of these blogs is three or four days.

In one recent case, Websense found a spoofed e-mail that tried to lure people to a malicious blog that would run a Trojan horse. The e-mail looked like it came from a popular instant-messaging service, and it tried to entice the recipient to click on a link to get a new version of its IM program. But when people clicked on the link, it directed them to a blog that hosted keystroke-logging software to steal their passwords when they accessed certain online banking sites.

The use of blogs is just the latest twist on phishing techniques. Other phishing offshoots include cross-site scripting and DNS poisoning.
 
Related News:
eBay scrambles to fix phishing bug

March 4, 2005
Finding a replacement for passwords

February 23, 2005
Vigilantes launch attack on scam sites


Find those stories on... CNET News.com
 
Luciano,

That is scary! That makes me warry of going out and looking at unknown blogs! I think my computer is pretty well protected, but I wouldn't want to test it!
Thanks so much for warning us about this!

Countess
 
I found what I think is some related news from Yahoo.

Phishing in Yahoo Messenger!

I wonder if I should start using MSN messenger for a while until Yahoo Messenger gets some security walls for this?

Countess
 
There goes my theory that Yahoo was actually BETTER than Bill Gates' monopoly... hmpf! :(
 
Post a Comment

<< Home

This page is powered by Blogger. Isn't yours?

Luminous ARCHIVES


Est. 2003
© 2007 Onwards ~ Luminous Luciano Pimentel
TLB Prime, The Truth, Luminous Writings, Aqua Musings, The Saudades Blog, 365 Days/Reasons and every other affiliated TLB Prime Network site, whether on Blogger or on another provider, are the intellectual properties of Luminous Luciano aka Luciano Pimentel.
No sections of this website may be reproduced or used in any way, partially or completely, in any fashion whatsoever without written authorization - the only exceptions to this rule occurring in the advent of an objective review of the entertaining value of said material and/or in the advent of objective and 'fair use' of my copyrighted material as provided for in section 107 of the US Copyright Law.
Likewise, several elements displayed on this and on any given blog part of the TLB Prime Network may or may not be in the public domain; in the case of copyrighted material showing up here or anywhere else throughout this network, it is done so in accordance to the rules of the aforementioned FAIR USE ACT - always and in all ways.
All this in total and complete accordance with Title 17 U.S.C. Section 107.
For more information, once more, go here
God Bless!

  • Luminous
    Twitter


    on the bottom of the blog
    follow luminousluciano and the TLB Prime Network at http://twitter.com