Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Evolution of the Phisher

Posted by CmdrTaco on from the we-got-a-live-one-here dept.

gurps_npc writes "An article at CNN discusses the how Phishers have moved beyond the typical email scam. Last month, Secunia (Danish security firm) documented a case where a phisher somehow modified a windows host file so that when you type in the correct url in the address, it redirects you to the phisher site. Worms and spyware are being built for the purpose of phishing, and it is also believed that phishers are attempting to compromise domain name servers. If one of these go down millions could lose their security instantly, even if they themselves have maintened the security of their computers."

4 of 278 comments (clear)

  1. Shouldn't it be.... by GillBates0 · · Score: 4, Interesting
    phisherman.

    Fishermen fish.
    Phishermen phish.

    It's not "Fishers fish".

    Carrying the analogy further, IE becomes a "phishing net" and Windows becomes a "phishing boat". The intarweb may be viewed as the "ocean" and your average AOLer a dumb "phish". Smarter geeks could be viewed as smarter"dolphins".

    Interesting, huh.

    --
    An Indian-American Hindu committed to non-violent thought/speech/action alarmed by the global explosion of radical Islam
  2. Re:Certificates changed? by Jarn_Firebrand · · Score: 3, Interesting

    That's why you have all the stuff you need to patch it on a floppy/CD/flash drive, and don't have it connected to the internet right away. Common sense. Okay, maybe not common sense to most people.

    --
    Grammar Nazi
  3. Re:Certificates changed? by statusbar · · Score: 3, Interesting

    I haven't tried this, but I heard that it is possible to create an un-signed certificate set to use 'plaintext' encryption which most web browsers will not complain about. No encryption is done and no signature is possible or required.

    Does anyone know if that is correct? If so, then this is possibility.

    --Jeff++

    --
    ipv6 is my vpn
  4. Re:Certificates changed? by soft_guy · · Score: 3, Interesting

    Not only that, but what if the "new" computer you are buying has been opened, modified, reboxed, and sold to you? Do you trust the store where you bought it, or just buy on price? This doesn't have to be totally the store's fault either (but could be).

    Also, what if someone on the inside were to modify the master disk used to image the hard drives at a factory. Sure it might make the news and eventually you'd hear about it, but it still wouldn't be fun to be one of the people affected?

    --
    Avoid Missing Ball for High Score