How the FBI director nearly fell for a phishing attack
By Asavin Wattanajantra in Editorial
Posted in FBI, cybercrime, phishing on
It was a big day for the FBI as it announced that it had charged 100 people over what FBI director Robert S. Mueller has called ‘the largest international phishing case ever conducted’.
The criminal gang was successful in getting hundreds, if not thousands, of people to give up personal information to be used in a million dollar banking fraud.
Yet in a speech in San Francisco yesterday, FBI director Robert S. Mueller revealed that he was almost a victim of a phishing attack.
He said: “Not long ago, the head of one of our nation’s domestic agencies received an email purporting to be from his bank.
“It looked perfectly legitimate, and asked him to verify some information. He started to follow the instructions, and then realised that this might not be a good idea.
“It turned out that he was just a few clicks away from falling into a classic internet ‘phishing’ scam - phishing with a PH. This is someone who spends a good deal of his professional life warning about the perils of cyber crime. Yet he barely caught himself in time.
“He should definitely have known better. I can say this with certainty, because it was me.”
The summer security school in paradise
By Asavin Wattanajantra in Editorial
Posted in Greece, cybercrime, malware, crime on
I’m in Crete at the moment, an island in Greece surrounded by sea, holed up in a beautiful hotel with a double bed.
You may think I’m on holiday at the moment, but no - I’m actually at the security conference held by the EU group ENISA, and I’ve already written several stories on it.
It is a weird place to get a bunch of security experts along. The conference is actually set in a resort, so while I’m here stuck inside writing security for you lucky people, tourists are passing by in around 28-degree sun, flip-flops and all.
Apart from the whole not actually being able to holiday thing though, I’m enjoying it. There are some very interesting people talking here, much more than the same event last year, and because there are no tech sponsors I’m not having to follow any particular security business agenda that can sometimes be a problem in IT.
There are people talking about threats as well as the public sector and business reaction to them. So far I’ve heard about the problems of e-government and web 2.0, the banking sector and cybercrime as well as the police response to it.
It is called a ‘summer school’ because it’s supposed to be educational as well, as there are quite a lot of security experts, policy makers and business people as well as journalists.
ENISA seems to be making a big European-wide effort on security, and it has opened my eyes to some of the issues around the EU which we often don’t hear about in the UK as well - we don’t think it matters to us.
But as security and cybercrime have no national boundaries we should really understand what our neighbours are doing, because thanks to the international nature of e-crime, incidents in Britain can simply be triggered by the press of a button in another country.
It’s new - we need to make efforts to make sure we understand the problem.
Twitter accounts breached by hackers - again
By Asavin Wattanajantra in Editorial
Posted in social engineering, passwords, cybercrime, hacking, Twitter on
Twitter has confirmed that it has been hacked again by an outsider, with the French this time claiming responsibility.
According to reports, a person going by the name of ‘Hacker Croll’ managed to access celebrity accounts as well as the account of Jason Goldman, Twitter’s director of product management.
The hacker claimed that they managed to do this with a social engineering technique to access his Twitter account. He or she says they found it by accessing an admin’s Yahoo account to find his Twitter password.
Through screenshot images the hacker claims that they have broken into celebrity accounts belonging to Ashton Kutcher, Britney Spears and Lily Allen.
Reports said that the email addresses of the compromised accounts, mobile phone numbers as well as the accounts the affected users had blocked were accessible. (Kutcher and Allen are said to have blocked celebrity gossiper Perez Hilton).
In response, Twitter co-founder Biz Stone admitted that an outside party had gained unauthorised access, and that 10 individual accounts were viewed. He did say that no password information or personal information was revealed or altered.
Stone said: “Twitter takes security very seriously so we will be conducting a thorough, independent security audit of all internal systems.”
It wasn’t the first, and is unlikely to be the last, problem with hackers that Twitter will have. Back in January an 18-year-old hacker who managed to breach administration systems admitted his guilt, but instead of a social networking attack he had used a self-created dictionary program tool.
One of Twitter’s most famous British followers, Stephen Fry, also fell victim to a phishing attack. Considering Twitter’s rise in popularity, especially with businesses, can it be trusted to keep your accounts safe from intruders?
Sophos security expert Graham Cluley said: “Although many will blame Twitter for not ensuring that its staff followed sensible policies to better secure critical administrator accounts, let’s not forget that the real criminal here is Hacker Croll.”
He added: “They have acted illegally by breaking into these accounts, even if they didn’t do anything malicious.”
Teenage hackers becoming a real threat
By Asavin Wattanajantra in Editorial
Posted in cybercrime, financial, hacking, internet on
According to security experts, teenage hacking is becoming a real threat when it comes to cyber crime.
Professionals have indicated that forums such as Dark Market, which was taken down recently, are starting to be populated by teenagers who are looking to swap credit card data as well as the hacking and phishing kits which are used to collect it.
As these teenagers are not as well trained as professionals who may well do this for a living, they are more likely to get caught as well as pick up a criminal record, which will really hurt them if, further down the line, they want to have a career in IT.
The first steps are simply to look for cracks and exploits for computer games, for example to run computer games which they haven’t paid for. Although many kids do this, it is nevertheless illegal.
Then it is likely they’ll graduate to more serious crime, such as swapping programs and malicious data, and further on targeting social networking sites with exploits and virus code.
IT PRO talked to Billy Hoffman at RSA Europe, who works in