

Phishing con hijacks browser bar 04/09/2004 03:55 PM

A new phishing scam uses a sophisticated trick to con people into handing over personal details.









Similar Items


Grok Headline matches for Phishing con hijacks browser bar

Security in new Opera browser fights phishing 04/19/2005 07:05 AM
Internet browser company Opera Software has added features for tighter security and the ability to surf the Web with voice commands in the latest version of its browser, Opera 8 for Windows and Linux, launched Tuesday.

Opera's New Browser Fights Phishing (PC World) 04/19/2005 11:06 AM
PC World - Opera 8 for Windows and Linux also comes with voice recognition software.

Anti-Phishing Toolbar Available. How to Avoid Bank and Ebay Phishing Scams 12/30/2004 07:54 PM
Tech-Recipes Dec 30 2004 11:09PM GMT

New Worm Hijacks Webcams 08/27/2004 02:14 PM

Internet piracy hijacks sales 07/11/2004 11:47 AM
The Advertiser Jul 11 2004 3:13PM GMT

Porn purveyor hijacks newspaper domain 06/10/2004 10:28 PM
Sunday Times South Africa Jun 11 2004 2:27AM GMT

13-Year-Old Hijacks Dad's 40-Ton Truck (Reuters) 06/29/2004 10:48 AM
Reuters - A 13-year-old German boy took a joyride in his father's 40-ton truck, driving it for 50 miles before police stopped him on the motorway.

RE: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer 02/11/2004 03:09 PM
Johnson, Jeff FOR:EX (Feb 10 2004)

Sneaky game hijacks your buddy list to spam your pals 02/12/2004 01:59 PM
When players accept the terms of service for an Osama Bin Laden game, a piggyback program sends advertising to everyone on their buddy lists.
On Wednesday, Buddylinks' Web site contained a message denying the program is a virus. The home page also makes no mention that the program would in the future send out additional advertisements using the same method.

"Our games interact with instant messengers by promoting the game among the user's network of buddies," it reads. "Please understand, our flash games are in no way a virus. We simply combine peer-to-peer, social networking, and instant messaging into one spectacular technology."


RE: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer 02/10/2004 02:57 AM
Ward Taylor (Feb 09 2004)

Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer 02/10/2004 02:57 AM
Disclosure From OSSI (Feb 09 2004)

Browser Wars : Wells Fargo Bans Opera Browser 02/05/2005 09:42 PM
As of 8am today - Wells Fargo (one of the largest banks in the United States) began blocking Opera browser from its online banking.

The browser is dead! Long live the browser! 01/02/2004 07:26 PM

BROWSER SECURITY TEST (free): Automatically checks your browser for various security problems. When the test is finished you get a complete report explaining the discovered vulnerabilities, their impact and how to eliminate them 03/13/2003 10:26 AM

Gone Phishing 01/25/2004 09:50 PM

Phishing for the end 08/17/2004 04:56 PM
"This site was created with one goal; to create the most comprehensive online archive of information and digital photos of the Coventry Vermont Phish show, August 14th and 15th 2004." Seems odd to think folks went to the trouble of dedicating an entire website to just a single concert, until you learn it was the very last one for Phish.

Phishing behind Google 08/28/2004 01:03 AM

I just received a phishing email purporting to be from PayPal.  No surprise there since I get many of them every day, but I looked closer at this one because it looked very professionally done.  I looked at the raw message and found this odd link:

This particular phisher is bouncing off Google to hide itself from domain name-based phishing detectors and scanners.  Clever.  Clicking on the link will open a browser to Google's URL search CGI which will automatically redirect the browser to the phishing site at IP address 209.152.181.10.  This trick will bypass phishing detectors that examine only the domain name part of a URL to see if it looks suspicious.

So the lesson here for security developers is to look at all the parameters and to keep track of oh-so-helpful redirectors like Google.  Also, website developers should keep in mind that helpful service is helpful to all, including the bad guys, and they might become an unwitting partner in crime.  For lawyers, it's a new source of income concern.


eBay Goes Phishing 01/03/2005 12:35 PM
The popular online auction site rolls out a new approach in tackling account hackers: cut bait.

Phishing on the rise in U.S 06/15/2004 02:57 PM
ZDNet Jun 15 2004 5:56PM GMT

IE bug provides phishing tool 12/10/2003 05:50 AM
ZDNet UK Dec 10 2003 5:09AM ET

Phishing and Bouncing 09/12/2004 12:36 PM

Looks like the trick of using redirection CGIs at popular websites (described in Phishing with Google) is getting popular among phishers. I just got a couple that use AOL's redir-complex CGI at:

http://r.aol.com/cgi/redir-complex?url=whereever

Note that phishers can use not just the redirecting CGIs, but also those CGIs that use return URLs as parameters.  In fact, these types of CGIs are popular among financial institutions and single sign-on services.  For example, both Passport and 3D-Secure use them.


The future of phishing 04/29/2004 10:42 AM
vnunet.com Apr 29 2004 2:09PM GMT

Political Phishing 08/03/2004 12:32 PM
It's election season, and that means that, just like with all the other news-sensitive scams, phishers are getting political. The latest is a phishing email that simply copied a donation request from the John Kerry campaign, but changed the link to a fake site. Of course, the folks behind the scam made one very stupid mistake: remotely using an image hosted on the Kerry website -- which was quickly changed by the campaign to explain that the site was a scam (though, it's likely this confused some people -- hopefully enough to stop them from donating). Still, it's likely that the next version won't make the same mistake. With the success phishing emails have had lately, and the fervor with which people seem to be donating to campaigns, an awful lot of cash supposedly going to campaigns is going to be making criminals wealthy.

Do-it-yourself phishing kits appear on web 08/21/2004 04:39 PM
Personal Computer World Aug 21 2004 8:48PM GMT

DIY phishing kits hit the Net 08/19/2004 05:48 AM
My little fraudster

Phishing for Opera (GM#007-OP) 06/03/2004 12:03 PM
GreyMagic Software (Jun 03 2004)

War Against Phishing Continues 03/14/2005 04:32 PM
Phishers and other online scammers are well ahead of law enforcement officials and security experts right now in terms of techniques and tactics.

Email Spam and Phishing 05/12/2004 05:18 PM
WebDevInfo May 12 2004 8:18PM GMT

Analysis Of A Phishing Scam 11/14/2003 08:38 PM
Email "phishing" is the popular email scam going around these days, with emails appearing to come from companies you supposedly trust, asking you to provide updated financial information. These scams are pretty sophisticated and are even tricking relatively savvy users. Now, a security firm has taken some of these phishing emails and done a fairly detailed analysis on them, to determine that a large portion of the emails seem to originate from a single group, and that group appears to be testing out a variety of different scams over time (sometimes including spyware, sometimes just going directly after the victim's bank account). One interesting tactic, which I had not heard about before, is that the URLs they put in the emails (which are usually disguised to look like legitimate URLs - but which are obviously fake if you look carefully) actually redirect users to the actual site for the institution in question, but also throw up a pop-up of their own that asks for your bank account details. I received one of these emails pretending to be from Amazon a few days ago. I didn't click on the link, but did send it off to Amazon who bounced back a form letter. It sounds like these researchers got the form letter treatment as well - but they've done a tremendous amount of research which would probably be very helpful in tracking down who is running this scam.

New IE flaw allows easier phishing 12/30/2003 01:38 AM

Database of Phishing Scams Available 04/24/2004 01:00 PM
Phishing scams are when you get e-mails from alleged legitimate institutions (banks, eBay, whatever) saying that your account has been compromised or you've been charged a zillion dollars or whatever....

Police net phishing fraudster 04/29/2004 10:24 AM
Web-User Apr 29 2004 2:01PM GMT

Phishing pool widens 03/29/2005 04:43 PM
USA Today Mar 29 2005 8:12PM GMT

Crooks Are Phishing For Your Life 05/19/2004 04:15 PM
CBS News May 19 2004 8:20PM GMT

Re: New whitepaper "The Phishing Guide" 09/23/2004 03:11 PM
Aleksandar Milivojevic (Sep 23 2004)

MasterCard tackles phishing 06/22/2004 10:30 AM
Company wants to attack scammers before they rip off consumers' data, rather than chase down criminals after they've victimized people.

Phishing attacks ease off 03/31/2005 03:28 AM
ZDNet Australia Mar 31 2005 7:03AM GMT

Phishing to cost SA millions' 05/18/2004 10:36 PM
Sunday Times South Africa May 19 2004 2:49AM GMT

The MailFrontier Phishing IQ Test 08/18/2004 04:51 PM
a quiz

survey.mailfrontier.com/survey/quiztest.cgi?themailfrontierphishingiqtest


Grok Description matches for Phishing con hijacks browser bar
GrokA matches for Phishing con hijacks browser bar

Netcraft Debuts Anti-Phishing Toolbar For IE 12/31/2004 06:44 PM
TechWeb Dec 31 2004 10:23PM GMT

Netcraft Releases Anti-Phishing Toolbar 12/30/2004 11:36 AM

Netcraft launches free anti-phishing toolbar 01/04/2005 06:46 AM
Computer Weekly Jan 4 2005 11:16AM GMT

Netcraft: Netcraft Anti-Phishing Toolbar Available for Download 12/31/2004 12:43 PM

news.netcraft.com/archives/2004/12/28/netcraft_antiphishing_toolbar_available_for_download.html


Netscape 8 Beta to Fight Phishing 02/01/2005 10:05 PM

Notes and Tips: Netscape Phishing Hole 08/30/2004 12:21 PM
Secunia reports a small Netscape Java vulnerability that would allow spoofing and phishing.

Netcraft Toolbar Targets Phishing Sites 01/05/2005 11:12 AM
Catch a phish, win a coffee mug with the organization's new anti-phishing toolbar for Internet Explorer.

New Netcraft Toolbar Blocks Phishing, Analyzes Web Sites 12/30/2004 04:52 PM
eWeek Dec 30 2004 8:05PM GMT

Review: New Netcraft Toolbar Blocks Phishing, Analyzes Web Sites 01/02/2005 12:41 AM
eWeek Jan 2 2005 3:13AM GMT

Yahoo! Toolbar Now With Anti-Spyware 05/27/2004 10:42 AM
The previously mentioned secret alpha test was for the just announced upgrade to the Yahoo! Toolbar which now contains anti-spyware code. I have to say, this is one of those ideas that was immediately obvious upon hearing it. "Of *course* we should use the Toolbar as a way to help poor Windows users get all that crap off their machines." But at the same time it's amazing how many folks never came up with it on their own, me included. Congrats...

Netscape: the long, strange journey of an anti-Microsoft Web browser 06/27/2004 12:49 PM

Secure Resolutions Upgrades Their Anti-Virus Engine to Include Anti-Spyware, Anti-Adware, Anti-Dialers, Anti-Hoaxes, Anti-Jokes, and Anti-Hacking Tools 06/05/2005 11:14 PM
Secure Resolutions desktop security (Resolution Antivirus™) automatically detects and eliminates all types of viruses, worms, Trojan Horses, dialers, hoaxes, jokes, and hacking tools within a managed desktop security solution. [PRWEB Jun 2, 2005]

Lou Dolinar: Netscape: the long, strange journey of an anti-Microsoft Web browser 06/27/2004 06:22 AM
Newsday Jun 27 2004 10:33AM GMT

Anti-Phishing Tools 08/17/2004 11:26 AM

Yahoo toolbar with free anti-spy software 05/28/2004 07:50 PM
The Hindu May 29 2004 0:32AM GMT

Yahoo's Anti-Spy toolbar feature buggy 08/06/2004 10:01 PM
Web portal admits error in newly released product billed as protection against invasive online marketers.

Yahoo adding anti-spyware to its toolbar 05/28/2004 12:39 PM
Washington Times May 28 2004 4:48PM GMT

Yahoo Adds Anti-Spyware to Toolbar 05/28/2004 07:58 AM
Linux Insider May 28 2004 12:36PM GMT

Yahoo Adds Anti-Spyware To Firefox Toolbar 04/07/2005 05:53 PM
Lockergnome Apr 7 2005 9:17PM GMT

Yahoo Adds Anti-Spyware to Browser Toolbar 05/28/2004 09:39 AM
Yahoo has announced it will add a feature to its Web browser toolbar that allows users to easily remove spyware programs from their computers. Called Anti-Spy, the feature is currently in beta. Yahoo will be collecting feedback from beta users and intends to utilize that information to produce the final version of Anti-Spy. The current beta version is supported by third-party software from PestPatrol and is available for download to a limited audience at beta.toolbar.yahoo.com.

Other News: Anti-Phishing Tech 08/17/2004 11:27 AM
Companies are starting to market anti-phishing software, which looks for suspicious URLs.

Other News: Anti-Phishing Group 04/22/2004 09:19 AM
The Anti-Phishing Working Group aims to help combat this rampant scam strategy.

Anti-phishing group gets help from Microsoft 07/21/2004 11:28 AM
The software giant offers goods in kind to organization that investigates Internet crime.

Yahoo Adds Anti-Spyware Feature to Browser Toolbar 05/27/2004 10:35 AM

Anti-Phishing Working Group Meeting 04/09/2004 05:30 PM

I was out all day yesterday to attend the Anti-Phishing Working Group meeting at Wells Fargo World HQ in San Francisco.  About one hundred people from a wide assortment of backgrounds were there, some from law enforcement agencies like the Secret Service and FBI, lawyers, prosecutors, financial services, e-tailers, solutions vendors, and security experts.  APWG did an impressive job of pulling them all together to focus on the phishing epidemic which continues to grow.

While everyone wanted to pool resources to combat phishing, I sensed a common desire to protect details about ongoing APWG activities from the public for various reasons.  Since I am not sure what APWG's policy is about blogging, I will limit this post to my thoughts and observations.

Toolbars

Warm receptions received by the Account Guard feature of eBay Toolbar and Dan Boneh's SpoofGuard mean more toolbars in the near future.  I predict we'll see about ten security-related toolbars released before this year is over.  Since highly integrated client-side software like browser toolbars are one of my specialties, all this is good news for me but I couldn't help worrying about the oncoming glut of toolbars, sidebars, and deskbars causing confusion among users.

Microsoft

Microsoft needs to do more to combat phishing.  Actually, they need to do 'less' by disabling or limiting use of hyperlinks and javascript in Outlook and Hotmail.  Since phishing is causing real financial damages to companies and individuals, Microsoft created an arguably very large liability exposure by introducing DHTML e-mail in Outlook.

My opinion is that hyperlinks in e-mail contents should require the user to approve each navigation after viewing a dialog that clearly indicates the link destination.  This constraint can be eased depending on the age of the hyperlinks because destination phishing websites are more likely to be taken down or abandoned over time.  I also think javascript should be disabled completely in e-mail contents to protect against the new breed of javascript obfuscated webpages.

Hunters vs. Butchers

Law enforcement agencies are IMHO still in the hunter mode, meaning hackers they find and prosecute are more or less trophies for assuring the public.  Seen as services, they are open to denial of service attacks by organized hackers arming script-kiddies to overload or slow down cybercops.  They need to think about ways to shift gears from hunter to butcher mode now, if not just against phishers, then for homeland security.

Takedown.com

The most difficult part of fighting against phishing is taking down phishing websites.  Differences and confusion in law and legal jurisdictions, cross-language communication issues, availability, authority verification problems, and other issues make taking down a fraud site a skill or an art of social networking, ingenuity, and patience which most companies do not have.

Solutions suggested so far like contacts and standards are useless IMHO.  A more effective solution is to encourage entrepreneurs to start up federated or franchised businesses to offer takedown services around the globe and around the clock with the local touch.  Having middlemen like them solves most of the issues mentioned above.

Spoofback

Considering the difficulty with takedown, another option is to 'spoof back' by posting phony information to the phishing websites in order to spoil the goods by diluting it with bad info.  Instead of receiving 3,000 good responses, phishers will receive 300,000 responses most of which will be bad.  Another variation is to post user info leading to honeypots in order to phish the phishers.  I am not sure about the legal issues, but hackback risk is no worse than the takedown IMHO.

APWG Future Threat Models SIG

I have volunteered to participate in the Future Threat Models SIG at APWG because I am both highly creative and insanely paranoid which means I can see blindspots where none exists.  :-)  I probably won't be posting about the activities there but I will post my thoughts and publicize imminent threats like the XSS Network threat I posted about before.


NetCraft Launching Anti-Phishing Service 01/07/2004 06:39 PM
"Phishing" scams, where a scammer sends a fake email pretending to be from a legitimate site and tries to get people to go to a real-looking site and give away all their personal details and/or passwords, are becoming increasingly popular. However, as scams grow, so do the scam fighters. NetCraft, known for monitoring what systems are used to host websites, is going to launch a phishing detection service. Since they already keep track of registered domain names and crawl sites, recording their home pages, the service will specifically look for domain names that are similar to the names of companies that sign up for the service - while also comparing actual websites to try to catch phishing sites before they have a chance to scam people. Sounds like a useful service.

Netcraft Unveils Anti-Phishing Services 01/05/2005 04:44 PM
theWHIR Jan 5 2005 8:12PM GMT

Will A Reactive Anti-Phishing System Work? 09/14/2004 05:25 AM
Realizing that phishing scams are a big deal these days, Symantec is now launching their own anti-phishing system to help combat the problem. Of course, since phishing relies more on social engineering to trick people into revealing their bank account, credit card and/or other private info, it's hard to see how a company could launch an effective anti-phishing service. Symantec's works the same way many early anti-spam systems worked: by creating a bunch of fake accounts, monitoring the results and using them to build a database of phishing sites to block. It certainly could help, but it might depend on how quickly it works. Unlike the situation with spam, where it's not quite as awful if a few messages get through, a phishing site that still gets a bunch of victims is certainly problematic for those people. While it's unclear if there's any better solution, a reactive solution to phishing may just be too little too late.

Bush to sign anti-phishing bill 07/15/2004 08:29 AM
Mandatory minimum sentences for ID theft


The following phrases have been identified by the grok system as matching this entry: netscape anti phishing toolbar
















