Quick Links: SpywareGuide Greynets Blog | SpywareGuide Product Database | SpywareGuide Company Database | SpywareGuide Categories
SpywareGuide powered by FaceTime Security Labs
Search SpywareGuide Greynets Database & Site
Security Email Alerts & Updates
Search the Blog
Recent Posts
Monthly Blog Archives
Subscribe to this blog's feed
About the Blog
About SpywareGuide Greynets Blog
Link to Us
Link to SpywareGuide.com

The SpywareGuide Greynets Blog


May 01, 2008

  • Credit Card Up For Renewal? Then Beware This Phish...

Today I received an interesting phish that only caught my eye purely because of a chance circumstance involving my credit card. What I ended up with was three websites (at least one of which has likely been hacked), two phishes and a collection of screenshots for you to look at after the jump...

Continue reading "Credit Card Up For Renewal? Then Beware This Phish..." »

May 17, 2007

  • Skype Phish?

After hearing a few reports of Skype Phishing these past few days, one of my colleagues happened to come across the below site:

Click to Enlarge

Continue reading "Skype Phish?" »

January 31, 2007

  • Celebrate CastleCops' 5-Year Anniversary

Our friends at CastleCops' body of work is truly ground breaking and it has always been a pleasure to collaborate and exchange knowledge with Paul Laudanski, Microsoft MVP Windows-Security, on his projects into malware and phishing research. They will soon be giving away over $130,000 in donations from companies who recognize how valuable CastleCops and their body of volunteers have been to the Net. We have had the honor to work with them over the years and wish them continued success.

FaceTime supports independent efforts like CastleCops.com because they mirror facets of our own research philosophy, recognizing the value of talking to Netizens, listening to clients and participating in the community at large.

Internet security is a vast problem that is not only technological in scope, but social as well. Social problems - by their very nature - are often best tackled by businesses and people working together. Leaders like Paul Laundanski are important catalysts in driving communities which create venues for open dialogue, frank conversation and education. We are grateful to have the opportunity to contribute.

Learn more about CastleCops.com, their 5-year anniversary celebration, and the various prizes made available to members. It is a great place to learn more about computers, security in general, and to be a part of the security community. Their achievement is a glowing testament on the impact motivated individuals, working together toward common goals, can achieve. From training their volunteer staff in anti-malware, phishing, and rootkit academies and through additional services, including forums, news, reviews, and continuing education CastleCops is a genuine and valuable resource for all.

More from CastleCops.com.

Brian Krebbs at Washington Post reports.

Colleague Bill P. of WinPatrol.

More coverage at:


MorningStar News


July 03, 2006

  • PIRT Top Phish Kills- Google Checkout- What Does it Mean?

Phishing is a form of criminal activity using social engineering or trickster techniques to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an apparently official electronic communication, such as an email or an instant message. The term phishing arises from the use of increasingly sophisticated lures to "fish" for users' financial information and passwords. Some phishing has become so complicated that it no longer needs to steal information from the web, IM or E-mail, but lure users to use phone connections and capture them using phone techniques. (You call a number, they ask you to enter in your account number and PIN and viola- they capture the "tones" made by your telephone keypad input and your account is wide open to the scammer.)

We talked a while ago about the global phishing termination operation launched by CastleCops and Sunbelt Software. The volunteer PIRT Squad is comprised of folks who report phish, investigate phish, and actively work on phish takedown and termination (original concept by Robin Laudanski). PIRT is funded by CastleCops.

Our own Microsoft Security MVP, Chris Boyd, has been participating on the PIRT Squad over at CastleCops and some of the first results are in. CastleCops' operators, Robin and Paul Laundanski, have compiled the list of the top phished brands in May. Here the all-volunteer group of phishing terminators has been having a real impact on phishing. Our own research team follows-up on many of these phish sites and note that many are offline quickly! That is good news...but the battle is far from over. (Other "things" may lurk on the end of these phish attempts, but that is for another entry.)

So without further ado the top brands fished in May:
Pay special attention to how "pure Internet play" brands like PayPal and eBay are the most common targets.

May 2006 confirmed phish (brand plus total count for May):

PayPal - 520
eBay - 309
Bank of America - 37
Barclays - 36
Wells Fargo - 36
Chase - 33
WAMU - 28
HSBC - 20
MasterCard - 18
e-gold - 17
Nationwide - 17
Citi - 16
BancorpSouth - 14
Postbank.de - 12
Halifax - 11
NetBank - 11
Laredo Nat'l Bank - 10
Nat'l Australia Bank - 10
Western Union - 10
National Credit Union - 9

With this early report in mind we have to take into account that Google is now throwing their hat into the e-commerce ring with a service called "Google Checkout". The business implications of this move are very, very complicated and beyond the scope of this entry- although they are important to security researchers too. However, in terms of pure security research the proverbial writing is on the wall...Google and e-commerce will only attract scammers like bears to honey. How successful they will be will depend much on how Google implements the process, their anti-fraud features, and how educated people are on phishing in general.

I admit, especially in my talks and speeches with youngsters, I am quite dismayed at the lack of awareness on Internet safety. That is one area I, and our team, have been pondering.

One of the best forms of defense is very simply- "street smarts". For example, we teach children not to go into dark alleys late at night, actually most parents wouldn't let their children out in a city at night! Yet our digital highways can be dangerous too- often the mediums are treated differently. I plan more on this in the future.

For now, us get back to Google Checkout.

Some of the features of Google Checkout include:

1) Google will store your complete shopping history. This is convenient of course, but remember if you lose access to that account- that history goes with you. This is no different than losing access via a hack to any e-mail account.

2) Google won't share your full credit card number, even with the merchants you buy from. This makes sense, since Google is doing the transaction on behalf of the merchant.

3) Google won't share your email address with merchants if you don't want them to. This is nice- you don't have to worry about getting lots of promotions via e-mail if you don't want.

4) Google will not spam you. Google pledges they will not spam you- great. They never have and I believe that is not in their plans.

5) You can store as many credit cards in Google Checkout as you want! That is where it starts to get a little bit risky.

Now, again, I am not being anti-Google, I am only being a realist. You have a pure play Internet brand, new to offering payment transaction processing to the public at large, prepared to do business en masse. If we look at recent history, like the PIRT report, it only stands to reason that Google, other privacy concerns aside, will experience their fair share of phishing attempts.

For now- use "street smarts". Be wary and be careful.

NOTE: If you are technically adept at handling phishing attempts and want to help by joining the PIRT Squad you can join the team here, if you simply want to report a phishing attempt you can do so by clicking here.

April 09, 2006

  • Phishing- What is it in a Nutshell?

Phishing is a form of criminal activity using social engineering or trickster techniques to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an apparently official electronic communication, such as an email or an instant message. The term phishing arises from the use of increasingly sophisticated lures to "fish" for users' financial information and passwords.

Phishing attempts that target employees of an particular company are often called "Spear Phishing". There is a current bill called the Anti-Phishing Act of 2005 now under debate and other community-driven methods are underway to attack phishers like the Phried Phish project from Castlecops where you can submit phishing address and skilled hunters will go after them and get them shutdown!

Coming soon...a bevy of tools and techniques to help protect your self from phishing.

Site EULA | Site Map | Contact Us | About Us | Site and Spyware FAQ | Advertise | RSS Feeds  | Link To Us | SpywareGuide JapanJapanese

© Copyright 2006, FaceTime Communications, Inc. All rights reserved.