Slashdot Mirror

← Back to Stories (view on slashdot.org)

"Phishing" Attacks to Increase

Posted by CmdrTaco on from the stop-clicking-on-emails dept.

neutron_p writes "The number of people who succumb to identity thieves' "phishing" e-mails could go way up if immediate action isn't taken to preempt the next generation of attacks, according to an Indiana University School of Informatics researcher. "Phishing" e-mails appear to be sent by legitimate businesses, but are actually created and distributed by villains who are after your personal information. They describe some thieves' tricks. One kind of context-aware attack tricks eBay bidders into giving out identifying information by leading bidders to believe they've won an auction. In another kind of context-aware attack, a potential victim might receive a message from a known person -- for example, a friend or loved one - asking him or her to go to a Web site to update banking information."

4 of 358 comments (clear)

  1. In related news... by slavemowgli · · Score: 5, Informative

    In related news, Google has recently updated Gmail with an automatic detection of phishing attempts / spoofed emails; suspicious emails will be displayed with a warning:

    "Warning: This message may not be from whom it claims to be. Beware of following any links in it or of providing the sender with any personal information. Learn more"

    Like spam detection, it's not perfect, of course, but I think it's a very good idea.

    --
    quidquid latine dictum sit altum videtur.
  2. Got one of these a week ago... by RyoShin · · Score: 4, Informative

    I got a phishing e-mail (should it be called 'bate'?) a week or so ago, but there were two key things that let me know it was a scam (aside from general common sense):

    1) I don't have an account at the bank listed (Citibank, in this case.)

    2) The e-mail itself was a giant GIF. (It did have the 'fail-to-get-around-spamblocker' words in text at the bottom, though.)

    Instead of getting rid of phishing scams, we should get rid of low-common sense/stupid people on the net. Then we wouldn't have this problem. Or many others.

    A leader is only a leader when he has followers.

  3. Re:Huh? by Yolegoman · · Score: 5, Informative

    It's "Phishing", and the general idea behind it is to send someone an email saying something like "We, Citibank, need you to update your banking information due to a database crash." They then send you to a site that LOOKS legit, and you then enter your information or even just your username / password. The phishers then have your account information, and they are free to do whatever they please with it. As has been said, it's only because uneducated grandmas and fools actually do what the emails say that the Phishers keep sending their crap. - Yolego

  4. Re: I would agree with you... but.. by bludstone · · Score: 5, Informative

    I've actually recieved one of these emails. It looked legit.

    Really legit.

    In fact, the only clue that it wasnt an official notice was the email came from ebay.(official sounding name).com

    That and they asked for my l/p, which I know not to give over email.

    Honestly, I can say that this goes beyond normal user stupidity. People are being scammed, and these are expert scams. Yeah, people need to apply more critical thinking skills to these things, but I think you are not giving the creators of these emails enough credit.

    I mean, they look _really_ official.

    --

    no .sig