Attackers Go Phishing In Deeper Waters

from the personalized-scams dept

Tue, Sep 12th 2006 3:35pm — Joseph Weisenthal

It's not just iTunes and Amazon that are exploiting the 'long tail', online scammers get it as well. Typically, phishing attacks attempt to confuse people by mimicking a well-known brand, like PayPal or Citibank. But as more people get clued into the fact that an email purporting to come from PayPal may not be the real thing, attackers have had to move onto smaller brands. In the last year, the number of brands targeted by attackers has doubled, and this number is growing at a double digit monthly clip. As in other long tail case studies, it's the low costs of internet activity that allows attackers to go after small niches. So far, the attack with the narrowest scope we've heard about is one that goes after JFK conspiracy theorists, claiming to be from a dying KGB agent with some previously undisclosed information about the murder. Whatever your tastes or interests, there will one day be a scam specifically targeted for you.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

13 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Anonymous Coward, 12 Sep 2006 @ 3:46pm

repeat in the first sentance. repeat in the first sentance.
[ link to this | view in thread ]
Joe, 12 Sep 2006 @ 3:53pm

Re:
Thanks for the catch. Fixed.
[ link to this | view in thread ]
Anonymous Coward, 12 Sep 2006 @ 4:30pm

Re:
learn how to spel, learn how to spel
[ link to this | view in thread ]
Grandfather Time, 12 Sep 2006 @ 5:56pm

criticism
don't criticise someones spelling if you cannot spell yourself....

the proper spelling is "spell"....
[ link to this | view in thread ]
Anonymous Coward, 12 Sep 2006 @ 6:07pm

Sarcasm is totally wasted on literalists...
[ link to this | view in thread ]
Anonymous Coward, 12 Sep 2006 @ 6:19pm

Re: criticism
wow... that went completely over your head. while we're being anal retentive, thick headed morons, i'd like to point out that "someones" is incorrect. it should be "someone's".
[ link to this | view in thread ]
AJ, 12 Sep 2006 @ 6:33pm

Post something on topic?
battle of the morons continues in post 8, now a word from our sponser....
[ link to this | view in thread ]
Mike, 12 Sep 2006 @ 6:45pm

You all git an F
I ame an Englishe teachers!! and all of you git an F today for your spilling!! You are all morans and I hoope you go to hell when you die!!
[ link to this | view in thread ]
You Bastards!!, 12 Sep 2006 @ 7:05pm

They Killed Kenny!!
This is all looking a bit too much like a South Park re-run, so these posts probably violated some sort of intilectual content law.

So, sarcasm isn't a victimless crime after all...expect a letter...soon.
[ link to this | view in thread ]
Jesse McNelis, 12 Sep 2006 @ 8:14pm

it's the problem with email
Email is very very broken.
Pretty much the worse form of communication as there is no standard form of authentication and verification. This was known to be a problem 10 years ago, but still probably won't be fixed for 10 more years.

Spam, malicious software writers and Phisihing scams take advantage of this and will continue to cause trouble until email is fixed.

Longing for the days of domain keys.
[ link to this | view in thread ]
Bob, 13 Sep 2006 @ 6:05am

Back to the point
Has anyone read the story for this thread? It really is more interesting than the comment thread, albeit not nearly as humorous.

I had an experience not long ago whereby my bank had sent me an email that looked all the world to be a phishing scam. The mail wanted me to click on a link, that didn't go to their website, and logon to setup a feature. I assumed it to be fake but upon checking the new domain I discovered the domain holder was a reputable banking data management company. Shortly afterward the bank called me directly for another matter and I quizzed her on it. She admitted it did indeed originate from their bank, that it was an automatic process (so no-one sat down and wrote this by hand) and that this was just business as usual. I discussed the ease in which this could (will) be exploited someday and she intended to speak to their IT.

My point being you must be very vigilant as even supposed 'safe' emails could be manipulated. Just think of all those who clicked and logged on without giving it a thought.
[ link to this | view in thread ]
Curious, 13 Sep 2006 @ 1:44pm

Re: it's the problem with email
how does the communication through e-mail differ in any way from almost every other form of online communication in regards to spam, potential phishing and such?
[ link to this | view in thread ]
ebrke, 14 Sep 2006 @ 7:32am

Re: Back to the point
Anyone remember the security breach some months ago when an outside company handling the logins for small banks was hacked? One of the banks then sent an email with a link to a domain outside that of the bank and asked customers to login using the link and change their passcodes and get information about the breach. Talk about clueless!
[ link to this | view in thread ]