Phishing tricks
Written by Administrator   
Sunday, 15 October 2006
Users fall too easily for phishing tricks

Internet Users Taking Phishing Bait, IU Study

Submitted by Technology News... on Sun, 2006-10-15 17:08.

A higher-than-expected percentage of Internet users are likely to fall victim to scam artists masquerading as trusted service providers, report researchers at the Indiana University School of Informatics.

"Designing Ethical Phishing Experiments: A Study of eBay Query Features" simulated "phishing" tactics used to elicit online information from eBay customers. The online auction giant was selected because of its popularity among millions of users -- and because it is one of the most popular targets of phishing scams.

Phishers send e-mail to Internet users, spoofing legitimate and well-known enterprises such as eBay, financial institutions and even government agencies in an attempt to dupe people into surrendering private information. Users are asked to click on a link where they are taken to a site appearing to be legitimate. Once there, they are asked to correct or update personal information such as bank, credit card and Social Security account numbers.

Surveys by the Gartner Group report that about 3 percent of adult Americans are successfully targeted by phishing attacks each year, an amount that might be conservative given that many are reluctant to report they have been victimized, or may even be unaware of it. Other surveys may result in overestimates of the risks because of misunderstanding of what constitutes identity theft.

In contrast, experiments such as the one conducted by IU researchers Markus Jakobsson and Jacob Ratkiewicz have the advantage of reporting actual numbers. Their study, one of the first of its kind, reveals that phishers may be netting responses from as much as 14 percent of the targeted populations per attack, as opposed to 3 percent per year.

"Our goal was to determine the success rates of different types of phishing attacks, not only the types used today, but those that don't yet occur in the wild, too," said Jakobsson, associate professor of informatics. Jakobsson also is an associate director of the IU Center for Applied Cybersecurity Research, which studies and develops countermeasures to Internet fraud.

Ratkiewicz and Jakobsson devised simulated attacks where users received an e-mail appearing to be legitimate and providing a link to eBay. If recipients clicked on the link they were in fact sent to the eBay site, but the researchers received a message letting them know the recipient had logged in. The researchers specifically designed the study so that all they received was notification that a login occurred, not the login information (such as the recipient's eBay password) itself -- unlike a real phishing attack, which is designed to harvest passwords and other personal information.

The study was approved in advance by the IUB Human Subjects Committee, which is responsible for reviewing and approving research activities involving human subjects and data collection. The experiment was unusual in that it did not involve debriefing of subjects, given that this step was judged to be the one and only aspect of the experiment that could potentially pose harm to subjects, who might be embarrassed over having been "phished" or wrongly conclude that sensitive information had been harvested by the researchers.

"We wanted to proceed ethically and yet obtain accurate results," said Ratkiewicz, a computer science doctoral student.

One experiment they devised was to launch a spear phishing attack in which a phisher sends a "personalized" message to a user who might actually welcome or expect the message. In this approach, the phisher gleans personal information readily available over the Internet and incorporates it in the attack, potentially making the attack more believable.

The researchers used three types of approach statements: "Hi can you ship packages with insurance for an extra fee? Thanks"... "HI CAN YOU DO OVERNIGHT SHIPPING? THANKS!" ... and "Hi, how soon after payment do you ship? Thanks!" In a large portion of the messages, the user's eBay username was included in the message to make it appear more similar to those eBay itself would send.

"We think spear phishing attacks will become more prevalent as phishers are more able to harvest publicly available information to personalize each attack," Ratkiewicz said. "And there's good reason to believe that this kind of attack will be more dangerous than what we're seeing today."

The results of the IU researchers' latest phishing study were shared with eBay officials.

Jakobsson was the author of a 2004 report which detailed worst-case phishing scenarios and attacks, and possible ways to prevent them. It was cited positively by various information technology leaders, including eBay officials.

To read "Designing Ethical Phishing Experiments: A Study of eBay Query Features," go to http://www.informatics.indiana.edu/markus/papers/ethical_phishing-jakobsson_ratkiewicz_06.pdf.

Users of eBay should forward any message they think is fraudulent to [e-mail address not shown].

For more information about anti-phishing research activities at IU, go to http://www.indiana.edu/~phishing.

 

Last Updated ( Saturday, 25 November 2006 )
 