left right politics showbiz tech invest good life gossip fun hot
Mother Jones Hot Air Huffpo Variety Engadget Seeking Alpha Lifehacker TheSuperficial Daily Beast reddit
Daily Kos Michelle Malkin Politico Billboard Boing Boing TheBigPicture Luxist TMZ.com Fark BuzzFeed
ThinkProgress RightWingNews First Read CNN Showbiz Gizmodo FT Alphaville Joystiq Perez Hilton 4chan memorandum
Crooks+Liars Power Line CNN ticker E! Online Techcrunch Josh Brown Kotaku gamer Bastardly Post Secret Techmeme
TalkngPtsMemo Ameri..Thinker Swampland TV Guide Ars Technica 24/7 Wall St. TreeHugger Egotastic hascheezburgr Drudge
The Raw Story NewsBusters The Caucus Ent. News Mashable bloggingstocks Consumerist PinkIsTheNew dooce digg
Wonkette Wizbang fishbowlDC HlywdWiretap Google blog DealBook lifehack.org CelebrityBaby Someth'nAwful trends
Atrios Taki Magazine WashWhisprs DeadlnHllywd Read/Write Jeff Matthews 43folders GoFugYourself Neatorama PSFK
Firedoglake Big Hollywood The Fix MSN Ent. OReilly Radar PhilsStockWorld Autoblog Page Six Cool Hunter BBC
Young Turks IMAO Capital Gains Rot'nTomatoes GigaOM Daily Rec'ng Deadspin BestWeekEver stereogum Timespop
Americablog AceOfSpades Open Secrets Cinematical ProBlogger Zero Hedge DownloadSqd Dlisted CuteOverload media eye
Politicususa Redstate WikiLeaks law Cool Tools Bespoke MediaZone PopSugar Dilbert blog TVNewser
CounterPunch Jawa Report econ law.alltop Scobleizer BtwTheHedges Deviant ArtHollyw'dTuna gapingvoid BuzzMachine
TalkLeft Patterico EconLog Volokh Consp. Apple Blog Minyanville Gothamist x17online DailyGrail MediaGazer
Feministing Townhall.com Freakonomics Legal Insurrec.. Valleywag Fast Money Curbed DailyBlabber Prof. Hex Steve Rubel
PolitAnimal OutsideBeltwy CrookedTimbr Conglomerate mozillaZine RealClearMkts FabSugar Gawker OvrheardinNY MediaBlgNRO
Truthdig Moonbattery MarginalRevo SportsLawBlog Smashing W$J Mktbeat Gridskipper Radar Last.fm Threat Level
Alternet RealClearPoli crime W$J Law BlogTechdirt AbnormalRtrns Material Defamer kottke.org Seth's blog
Media Matters Instapundit CrimeblogsBalkinizationMAKE RandomRoger Sartorialist Jossip PumpkinChuckin mediamatters
The Nation Hugh Hewitt All Crime Credit Slips SrchEngLand Stock Advisors Drink'nMadeEasy Just Jared Maps Mania Newshounds
Maddow Blog PJ Media Smoking Gun FindLaw VentureBeat Slope of Hope Mark Cuban Celebitchy CollegeHumor FAIR

Wednesday, March 9, 2005

On EBay, E-Mail Phishers Find a Well-Stocked Pond

NY Times reported:

For eBay, phishers are more than just an expensive irritation. EBay is among the five companies most frequently targeted by phishers, according to David Jevans, chairman of the Anti-Phishing Working Group, an industry association that includes eBay. Like phishers who go after customers of credit card issuers, those who target eBay users sometimes try to capture credit card numbers as well as general personal information.

The company's domination of the online auction business and its heavy dependence on e-mail communication make its users particularly vulnerable to this kind of online scams.

"EBay is purely virtual," Mr. Jevans said. "They live or die by e-mail."

The proliferation of eBay and PayPal phishes means that the legitimate e-mail that powers eBay transactions are increasingly being eliminated by junk e-mail filters. At the same time, some sellers say that buyers are becoming wary because of the constant threats from phishing, which is straining eBay's relationship with customers and may be driving down auction prices.

"I don't think eBay has a good insight of what's happening on the grass-roots level to individual sellers," said Joe Cortese, the chairman of the Professional eBay Sellers Alliance.

EBay is reluctant to discuss its security measures, but the company has taken three steps recently. A few months ago, it began offering users of Windows-based computers a free toolbar that flashes a warning when a browser is pointed toward what it believes to be a fraudulent Web site. (J. Peter Selda, the chief executive of WholeSecurity, whose technology is used by eBay to detect phishing sites, estimates that only about 10 percent of eBay account holders have downloaded the toolbar.) Last month, eBay also joined an effort organized by WholeSecurity to block fraudulent Web sites.

On EBay, E-Mail Phishers Find a Well-Stocked Pond [NY Times, Mar. 7, 2005]

Phishing is now evolving into "pharming"...CNet reported:
Online thieves looking for personal data may be moving to more active measures by redirecting people from legitimate sites to malicious ones, security experts said this week.

The warning follows reports Friday that some people's computers were being redirected from sites such as eBay and Google to malicious Web servers that attempted to install spyware. The compromises affected 30 to 40 networks, according to Jason Lam, incident handler for the Internet Storm Center, which tracks network threats...

The attacks compromised servers that act as the white pages of the Internet--a key part of cyberspace that's known as the domain name system, or DNS--to replace the numeric addresses of popular Web sites with the addresses of malicious sites run by the attackers. Known as DNS poisoning, the scheme redirects Internet users to bogus sites where they may be asked for sensitive information or have spyware installed on their PCs...

Some security companies have called this technique pharming.

Phishers using DNS servers to lure victims? [CNET, Mar. 8, 2005]

Calculated Risk

MishTalk - Mike Shedlock

Paul Krugman - NY Times

The Big Picture - Barry Ritholtz

naked capitalism - Yves Smith

Pragmatic Capitalism

Washington's Blog

Safe Haven

Paper Economy

The Daily Reckoning - Australia