In the ongoing war against those folks who would scam you online it pays to keep informed. Thus it is that this article at ArsTechnica.com is worth your time to read. For the first time just recently phishing attacks surpassed virus emails as the primary malware on the net:
Phishing attacks have the advantage of passing cleanly through firewalls, bypassing anti-virus software, and they don’t rely on users to be running operating systems that don’t have all the latest security patches. In fact, phishing doesn’t require the user to be running any particular operating system at all.
Phishing has an additional negative impact on the Internet besides simply scamming people out of their money and personal data. The sheer preponderance of phishing messages has made it more difficult for legitimate communication to get through. An personal example: I receive dozens of fake messages pretending to be from PayPal each day. So when a message from the real PayPal arrived in my inbox the other day (it needed me to update my credit card, ironically because I had to cancel the previous one due to fraudulent charges), I almost deleted it out of habit.
There are ways that financial institutions can help ensure that their customers are properly authenticated each time they log on a web site, but some of these methods are overly complicated or expensive to implement. One method involves a “scratch pad” of passwords which are used only once for each time the user logs in. Other ideas involve using additional physical devices before allowing users to sign on. A company in the UK has come up with a card scanner unit that connects to the user’s computer. So far, there have been few banks rushing to adopt these sorts of systems. APAK, the organization responsible for banking regulation in Britain, has not mandated that any of these types of additional security measures be used for online banking, nor have any other similar institutions in Europe or North America. For now, the phishers are definitely “making hay while the sun shines,” gathering up bank account information as fast as they can before new security measures are put in place.
The article goes on to talk about those Hot Stock Tip scams that we all get everyday, the rise of botnets, and the growing sophistication of trojans that target specific applications, spam spikes, highly specific attacks and what the anti-virus companies don’t want you to know. Anyone who spends any amount of time on the net will benefit from reading up on this. Go check it out.