iEntry 10th Anniversary RSS Archive

IT Management Begins With Security
SecurityProNews > Insider Reports > Insider > Phishing Quiz Tests Its Takers
Search:
[ insider_reports_insider ]

Phishing Quiz Tests Its Takers



David Utter
Staff Writer
2007-07-19

SecurityProNews: Insider Reports Insider Reports RSS Feed


An online quiz hosted at McAfee's SiteAdvisor website challenges people to pick out authentic sites and messages from pairs of real and fake ones.

Phishing Quiz Tests Its Takers
Phishing Quiz Tests Its Takers

The first two questions on the phishing quiz present an easy challenge to someone familiar with URLs. After those questions, McAfee takes away the address bar.

That makes it a little more complicated to figure out real pages from fakes through the rest of the ten-question quiz. I found one question particularly troublesome, and really wanted to pick what turned out to be the fake as the real page.

It's an eye-opening experience, and should make security pros realize just how difficult it can be for Internet users to detect a phishing site just on appearance.

Worse, the examples McAfee selected don't even represent how realistic a criminal can make a phishing site. A man in the middle attack redirecting someone to a perfect copy of a real site may succeed in capturing personal information, unless the address bar gives away the scam.

If the PC has been infected and its hosts file compromised, even the URL in the address bar will match the real site, while resolving to the phishing host.

McAfee said the losses people incur from phishing have increased. They cited figures from Gartner, which said per-victim losses in 2006 averaged $1,244. In 2004, that figure was $257.

Proof of Concept writers busy ahead of Black Hat: Security firm Symantec has received the dubious honor of a quartet of proof of concept viruses in a very short time span.

The four samples all dropped into Symantec's inbox over a two-week period. One targets the Maya 3D scripting language, while another focuses on WinHex's scripting.

Symantec researcher Peter Ferrie described the other two viruses as ones that infect a file, and upon execution go out and look for other files to infect. Left to run on a machine, these proof of concept viruses keep on going from file to file.

Ferrie said none of these present a threat to typical computer users. As proof of concept attempts, they were just something for the virus writers to do and brag about to a security company.


About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.

More insider_reports_insider Articles

SecurityProNews: Insider Reports Insider Reports RSS Feed

Get Your Site Submitted for Free in the World's Largest B2B Directory!

Email Address:
* URL:
*
*Indicates Mandatory Field

Terms & Conditions

iEntry Featured Services: Jayde Member Services | Forums | Freeware | Advertise with Us

Contact Us | Advertise | Newsletter Archive | Sitemap | Submit an Article | News Feeds
SecurityProNews is an iEntry, Inc.® publication - All Rights Reserved | Privacy Policy and Legal		 Join the WebProWorld Forums: Click Here
Virus Warnings

Subscribe to
SecurityProNews FREE!


[ more newsletters ]

Featured On:
article resources
Search Articles:
[advanced search]

WebProWorld.com
Get in-touch with industry experts and leaders
Post your site for review by expert and peers
Ask Security, IT, Development and Design questions

Free Membership: Join Now!

Visit WebProWorld.com

Titan Quest Forum
The #1 Titan Quest forum
Halo 3 Forum
The best Halo, Halo 2, Halo 3 forum
Nintendo Wii
Nintendo Wii news and views
Mac Software
The best in OS X freeware
Graphics Forum
Your source for graphic tutorials
SecurityProNews.com | Breaking eBusiness News Get Your IT Questions Answered - Click Here SecurityProNews News Feeds