Firm claims auto-phishing emails discovered

Just open them and you're done for

By INQUIRER staff

Wed Nov 03 2004, 13:23

MESSAGE LABS said it has intercepted emails which auto-capture bank details when they're opened.

It says it interecepted several emails at the end of October targeting three Brazilian banks, but the technique may be used for other banks. Usually, "phishing" emails work by masquerading as legitimate emails from banks and other online services.

But one way of protecting yourself from these auto-phishing attacks is to disable Windows scripting, Message Labs notes.

The mails work by running a script which attempts to rewrite host files of the machine that it's targeting. The next time you attempt to log into an Internet site, you are automatically re-directed to a fraudulent one, allowing your login details to be appropriated. µ

Coveritlive is targeted in a hacking attack Financial details are safe Monday, 16 January 2012, 11:13 AM Read more	Microsoft’s January Patch Tuesday fixes a critical Windows Media flaw Totals eight vulnerabilities Wednesday, 11 January 2012, 16:26 PM Read more
Brazilian ISPs have DNS servers poisoned Claims of an inside job Tuesday, 8 November 2011, 11:16 AM Read more	Facebook is accused of over-tracking users Social network follows users around the internet Monday, 26 September 2011, 10:18 AM Read more
Spammers promise free games to lure Twitter users Fake Diablo III beta invitations lead to phishing site Thursday, 22 September 2011, 14:43 PM Read more	Citibank was hacked by altering URLs World's largest payroll processor reveals a data breach Thursday, 16 June 2011, 11:25 AM Read more

Comments

There are no comments submitted yet. Do you have an interesting opinion? Then be the first to post a comment.

INQ White papers

Databases

Network management

Security

Service oriented architecture

Storage

INQ Jobs

Java Developer - Bristol/B

Java Developer Commutabl...

INQ Poll

Authorities in several countries raided Megaupload recently, shut down all of its services, seized hundreds of servers and arrested several of its executives on criminal charges.

Do you think the move was justified?

Yes, companies should suffer an immediate death penalty upon being accused of copyright infringement.

Yes, the coppers said the company was breaking the law so it must be guilty.

No, the company and the people accused are innocent until proven guilty.

No, the company had millions of customers who have been harmed by having access to their data files cut off.

I don't care, I never used Megaupload anyway.

View other polls

© Incisive Media Investments Limited 2012, Published by Incisive Financial Publishing Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 04252091 & 04252093

SEARCH :

Site Credentials:

Business & Technology websites:

Business research resources:

Products:

Investment Market IT websites:

Find out what you are worth:

Salary Calculator

Search for a job:

Recruitment Agency A-Z Directory

Accreditations:

Digital Publisher of the Year 2010

Firm claims auto-phishing emails discovered

Share this:

RIM Playbook OS 2.0 and Blackberry 7.1 video demo

Nokia Lumia 710 video review