Spy-phishing is emerging crimeware technique, warns Trend Micro

From: James M. Atkinson <jm..._at_tscm.com>
Date: Wed, 26 Jul 2006 16:16:41 -0400

From: "Reginald Curtis" <reginal..._at_hotmail.com>
To: TSCM-L2006_at_googlegroups.com
Subject: RE: [TSCM-L] Spy-phishing is emerging crimeware technique, warns Trend Micro
Date: Thu, 27 Jul 2006 01:54:16 +0000

Dear James,

Just a note to inform you that the July 25 (?) issue of the New Yorker which just landed on the newsstands contains a 10 page article on the Pellicano affair. Its major focus appears to be on the high powered lawyer Fields but I suppose most of the usual suspects are mentioned.

Have a great summer,

Reg Curtis\VE9RWC

> From: "James M. Atkinson" <j..._at_tscm.com>
> Reply-To: TSCM-..._at_googlegroups.com
> To: TSCM-L <TSC..._at_googlegroups.com>
> Subject: [TSCM-L] Spy-phishing is emerging crimeware technique, warns Trend Micro
> Date: Wed, 26 Jul 2006 16:16:41 -0400
>
> http://www.strategiy.com/itnew.asp?id=20060726093647
>
> Spy-phishing is emerging crimeware technique, warns Trend Micro
> [Wednesday, July 26, 2006 1:37:00 pm]
>
> Trend Micro, Inc. has issued a warning to internet users to beware of spy-phishing, a technique that capitalises on the increasingly popular trend of blended threats to steal money and personal information.
>
> Besides technological advances, the emergence of spy-phishing as a significant element in the threat landscape also highlights the shift in the intent of malware writers. Previous generations of malware writers developed their programs chiefly to show off their expertise, unlike current writers who are interested in financial gain.
>
> Spy-phishing is done by using Trojan spyware, or software that secretly installs itself on a computer and extracts personal information without the user’s knowledge. According to the Trend Micro Trojan Spyware Index, the incidence of Trojan spyware has increased by over 250 per cent over the past 16 months. Similarly, according to a report published by the Anti-Phishing Working Group, an average of more than 188 new samples of Trojan spyware have been utilised in spy-phishing attacks each month in the first four months of 2006 – a 234 per cent increase over the same period in 2005. “Spy-phishing is anything that causes financial or intellectual loss,” explains Jamz Yaneza, senior threat researcher at Trend Micro. “Spy-phishing’s direct antecedents are spyware, phishing, and backdoor Trojans. It is a blended threat that uses phishing techniques to initially present itself to users, and then typically engages a host of other techniques and exploits to surreptitiously download and install spyware applications in the background. These applications often download additional spyware applications to extend their functionality.”
>
> The five per cent of spyware that can be considered to be malicious is intended solely to steal passwords, bank account information, credit card numbers, social security numbers, and then use that information for illegal purposes.
>
> Phishing, in which the identity of a target organisation is stolen in order to steal identities of unsuspecting customers, frequently uses professional-looking, HTML-based e-mails that include company logos, font styles, colors, graphics, and other elements to successfully spoof the supposed sender. Most also contain a link to a Web site, which is an exact replica of the spoofed site, to lure users into parting with their personal information. Backdoor Trojans are malware programmes that perform unexpected or unauthorized actions on the user’s computer and enable unauthorised access by remote systems.
>
> Online money transfer service, E-gold, has been attacked in the past with spy-phishing emails and classical phishing. A trojan EXE was used to steal information that was sent as an attachment in an email. These attacks are similar to phishing in that they spam potential victims, but instead of giving a link to a fake website, they include a trojan in the message. The trojan monitors web traffic in order to steal the usernames/passwords to banking websites.
>
> Spy-phishing offers malicious authors a variety of applications and uses. While individual end-users are an obvious target, enterprises and their work force have more to lose from spy-phishing exploits. “Businesses of all sizes are potentially at risk, as spy-phishing can also just as easily be utilised for corporate espionage,” says Yaneza. “In fact, due to the Trojan components, and the long-term stealth capabilities they employ, the threat to sensitive corporate information is perhaps greater than is the risk to the individual.”
>
> “There is a growing sophistication of techniques used to target vulnerable individuals. Besides regularly updating security software, firms need to realise that enterprise phishing relies on tricking people. They need to instill a healthy dose of scepticism into employees when it comes to trusting emails and web sites. Enterprises need to adopt a strategy of strength and depth,” says Justin Doo, regional director, Trend Micro Middle East and North Africa.
>
> We Hunt Spies, We Stop Espionage, We Kill Bugs, and We Plug Leaks.
>
> James M. Atkinson, President and Sr. Engineer
> Granite Island Group
> 127 Eastern Avenue #291
> Gloucester, MA 01930-8008
> Phone: (978) 546-3803
> Fax: (978) 546-9467
> Web: http://www.tscm.com/
> E-Mail: jm..._at_tscm.com