WIGHT HAT BLOG
I am going to Abuja for 419 months
Adam Provis, January 17, 2012
I will also be victim to a phishing attack shortly afterwards!
For those of you not familiar with the term “phishing”, it is when people obtain information from you by disguising why you should give them the information. This information can then be used for identity theft, for security access (for example, to your bank account) or by marketing companies. The term is the phonemic equivalent of “fishing”, with ‘f’ replaced by ‘ph’ to follow terms such as “phreaking”.
These attacks have been around for some time. A common phishing attack was to build a screen that looked like your normal login screen (for your computer, bank or anything else that you might enter a password into) and send people to it. The unsuspecting user would enter their details as they normally do. The fake page would record these details, show some sort of “password incorrect” error and ask you to log in again, this time on the genuine screen, so that you gain access and think nothing more of it. The attacker now has your username and password on record.
To combat this, banks typically ask further questions once you are logged in, such as your mother’s maiden name, your first pet, your date of birth etc. To get this information, an attacker need only run another phishing attack, this time dressed up as a game. Most people have been asked what their porn star name is (your first pet followed by your mother’s maiden name) or their Star Wars name (the first car that you drove followed by something or other), and these, whilst they seem like harmless fun, can be further phishing attacks. It is a case of “how can I get someone to tell me this information without arousing suspicion?”
The latest one is targeted at women. You post on Facebook that you are going to a city (which corresponds to your month of birth) for X months (which corresponds to your date of birth). Couple that with your age (which is already on your Facebook profile) and the attacker has your date of birth. A clever twist is that most geeks out there (who are generally more aware of these scams) are men, so making it part of the game not to tell men reduces the general level of suspicion.
Be afraid: Nigerians may have your bank account in their sights.
The author of the Windows file copy dialogue visits some friends
Adam Provis, June 9, 2011
Courtesy of XKCD
6 types of email con
Adam Provis, May 23, 2011
Most email cons can be split into the following categories; be sure that you can spot them.
The Nigerian scam (419)
This type of scam is named after the section of the Nigerian penal code which addresses fraud schemes. It will tell you that some long lost aunt, a rich businessman or some other [...]