Have you got a phishing permit?
I was reading the blog of that nice chap from Sophos recently, and came across an article about phishing, once more recounting the story of someone who has supplied their bank account details to fraudsters and had their account cleared out.
…29-year-old mother from Wigan, England. Sarah has been left with thousands of pounds worth of debt after phishers raided her bank account of £1,800 and extended her overdraft to a hefty £2,500.
Sarah, who has a 16-month-old daughter, claims that just before she went on a two week family holiday to Spain, she received a phishing email at work, asking her to update her online banking passwords.
…because she supplied someone else with these details, the bank is holding her liable for the losses. That’s unfortunate, but on the other hand she did give out her details…
But I think for the likes of online banking, it’s about time the banks supplied their users with some sort of hardware gadget which analyses not only the fingerprint or something of the user (so if you aren’t the user, you can’t use the account) and that this gadget could also analyse the IP addresses of the site they are visiting and provide a visible flag as to whether it is what it says it is…
No, I don’t know how to create such a gadget. But I have firefox plugins that show me where sites are hosted, and I know people with USB flash drives that are fingerprint protected, so I don’t see it as being impossible to produce.
And given the risks of identity theft, and given that the banks are reluctant to take the hit when someone’s given their details away, isn’t it about time that they made it a bit harder for people to give their details away?
Graham quotes the victim as saying that she didn’t know anything about identity theft before, and adds:
Clearly more needs to be done to raise awareness amongst the general population about computer security.Graham Cluley
I agree. But I suspect I disagree with him on how it needs to be dealt with.
I don’t think more publicity will help. I’ve seen lots. I think the problem is not that people are not told about identity theft, about phishing and so on, but that they choose to remain ignorant about it. They don’t want to know.
It’s like driving a car. You need a licence to drive a car. You need to understand how the car works and what the dangers are. With the information superhighway, you can drive your computer down it oblivious to the dangers and — if you so choose — entirely unprotected. That’s not a good idea.
But I wouldn’t suggest that home users should need a licence. No, I like the all-inclusive nature of the internet and would hate to see it go all ‘elitist’. But people need to be made more aware of their responsibilities.
If someone has an infected PC which is used to pump out spam, can that spam not be traced back to that IP address, and that PC? Can’t we contact those ISPs and contact those home users to tell them their PCs are infected? It won’t stop spam and phish arriving (as many will be sent from other countries) but it might help raise awareness.
It might help remind users that, like a car, an infected PC isn’t just a danger to themselves, but also to others. It might help people be more responsible internet users.
But sadly, my faith in human nature is shaken to the extent that I think a significant minority still won’t listen. They don’t want to know until it happens to them.
But if you choose not to watch the news, if you choose not to read the newspapers, you are choosing to be unaware. And you then can’t blame someone else if you walk into dangers that you would otherwise have heard about. Too many people are submerged in the minutae of daily life and do not notice the world around them.
It’s time as a nation (as a planet?) for every single one of us to wake up: to know what’s going on.
Collegue Man says:
July 30th, 2008 at 9:18 am
Wht do these morons keep on falling for these things, I remember a spate of handbag thefts where I work, in one instance someone had had their bag stolen, which is horrible I admit and they have my fullest sympathy there, and later recieved a phonecall later from “the bank”, saying someone has handed in your card, to prove we are talking to the right person could you give us your pin number, and she did.
I bank online with 3 banks and they all sent me out information regarding this, and also regularly as their welcome message have words to the effect of we will never ask you for account information via email.
I can fully understand the banks not wanting to take responsibility for this, they cover you if your card is stolen, but why should they cover you if you hand it to a stranger in the street and have your pin number stuck to the back of it.
I disagree about it being the banks responsibility to make it harder, after all many people bank online all the time and manage not to have their accounts cleaned out, why should they foot any part of the bill (as the banks woiuld pass it on) to put in the extra infrastructure required to do this, would my car insurance pay out if I left my car with the doors unlocked and the key in the ignition? As an aside I have reciently stopped banking with one company bacause they sent out a calculator sized dongle in a similar vein to an RSA token which you use your cash card with to generate a number allowing you to set up new payees on your account, as I do not carry this around with me it means I cannot do many things from anywhere other than home, which for me renders online banking pretty useless.
Anyway I must go, I have an email from General N’Gog who has offered me £250k if I provide my bank details so I can help him get his family fortune out of Iran….
Stevie D says:
July 31st, 2008 at 2:17 pm
If I was responsible for security with an online banking system, I would send out a dodgy phishing email to all customers of that system. Anyone who responded to the email and in any way compromised their account would have their access terminated immediately!
This seems like the most obvious way to stop phishing attacks – ban any customers too stupid to use online banking.
(Ex) Collegue Man says:
July 31st, 2008 at 7:25 pm
@Stevie D
Amen
1234test.com says:
August 31st, 2011 at 2:18 am
Queens University Blog…
[...]With the right skills you can be good at many more things and doing almost no mistakes..[...]…
bare minerals makeup says:
September 26th, 2011 at 9:52 pm
iPhone – Blog…
[...]We are absolutely sure that right knowledge can be very important when doing work for the first time and especially if it’s important to us..[...]…
oil painting from photo says:
October 4th, 2011 at 10:16 am
How ToLive Happily Blog…
[...]It’s a known truth that right knowledge can be very important when we are doing something new and especially if it is something very important…..
wayfarer folding says:
November 8th, 2011 at 2:20 am
Look Like A Cool Person…
[...]It’s a known truth that right knowledge can be very important when we are doing something new and especially if it’s important to us.[...]…
Marketing says:
November 9th, 2011 at 9:44 pm
Everything You Have To Know About Effective Marketing Models…
[...]If you know what is your job you can be a lot more successful than when you have no experience.[...]…
macbook scree cover says:
November 24th, 2011 at 11:39 pm
What Are Car Warig Lights…
[...]We are absolutely sure that right knowledge can be very important when having no experience with some kind of work and even more it if is important to us.[...]…
tom ford solbriller says:
December 3rd, 2011 at 2:18 pm
Download Acne No More…
[...]This is a new website on this topic. You can see more about it on the site[...]…
west virginia university mountaineers clothing says:
December 6th, 2011 at 11:04 pm
Where To Look For More Information…
[...]Are you unquestionably positive this really is the suitable information. I head a thing else. You will find out extra about this topic[...]…
classifieds ads says:
December 10th, 2011 at 10:23 pm
Where To Find Romantic Ideas…
[...]Are you totally confident that is the correct information. I head something else. I’ll check your web page inside the long term.[...]…
billiga solglasögon says:
December 14th, 2011 at 11:30 pm
Billiga Solglasögon…
[...]Awesome data that I’ve been seeking for some time! I’ll examine your website in the long term.[...]…
funny videos online says:
December 20th, 2011 at 11:42 pm
You Have To See These Funny Videos…
[...]I believe it’s incredibly crucial that a lot more persons know about this. Keep up using the excellent writing.[...]…
celulares dual chip says:
February 10th, 2012 at 6:28 pm
Celular Dual Chip…
[...]This is truly cool. I will check your web page inside the long term.[...]…
India Tourism says:
February 16th, 2012 at 10:38 pm
Complete Tour Of India…
[...]Awesome data that I’ve been looking for for some time! I got some exciting suggestions from this[...]…
paranormal investigation says:
March 30th, 2012 at 3:36 pm
Paranormal Activity Investigation…
[...]This is truly cool. I’ve just had one more idea pop into my mind[...]…
womens shoes says:
April 11th, 2012 at 10:59 pm
Spring And Shoes Go Together…
[...]I see you recognize a lot about what you are writing about. Interesting study. I got some intriguing concepts from this[...]…
Affordable Health Insurance In Missouri says:
June 25th, 2012 at 1:34 pm
Vehicle Insured And Safe…
[...]It’s amazing that men and women nevertheless know a whole lot about thing like that. I’ve just had yet a further method pop into my mind[...]…
Makendra says:
December 10th, 2012 at 7:10 pm
Thanks guys, I just about lost it looikng for this.