[pchelpers] News:New in-session phishing attack could fool experienced users

• From: John Durham <john.modec@xxxxxxxxxx>
• To: PC-Helpers <pchelpers@xxxxxxxxxxxxx>
• Date: Wed, 14 Jan 2009 08:05:06 +1300

By Joel Hruska | Published: January 13, 2009 - 11:15AM CT
Another year, another form of phishing. This one, I have to admit, is
pretty good in terms of potentially fooling a user. Unlike most phishing
attack vectors, it doesn't rely on the victim being ignorant and/or
moronic. The new technique has been dubbed "in-session" phishing and it
stays out of your e-mail altogether.

Security researchers with Trusteer have published a report (PDF) on this
new type of phishing along with a suitably vague description of how the
attack works. As its name implies, in-session phishing requires that the
victim first log into a secure website; Trusteer uses an online bank
site as one example of a tasty target.

More here:
http://arstechnica.com/news.ars/post/20090113-new-method-of-phishmongering-could-fool-experienced-users.html
-- 
John Durham
Site http://modecideas.com
Server hosted on Ubuntu 4.10
Good advice is like good paint. It only works when applied.



-- 
-------list-services-below-----------
Regards, John Durham (list moderator) <http://modecideas.com/contact.html?sig>
Freelists login at http://www.freelists.org/cgi-bin/lsg2.cgi
List archives at http://www.freelists.org/archives/pchelpers
PC-HELPERS list subscribe/unsub at http://modecideas.com/discuss.htm?sig
Latest news live feeds at http://modecideas.com/indexhomenews.htm?sig
Good advice is like good paint- it only works if applied.

• » Related posts
• » Previous by Date
• » Next by Date
• » This Month's Archive
• » Main Archive Page

• » View list details
• » Manage your subscription