Man Awakens From Phishing-Induced Coma

Copyright © 2010 What The Hell? Security
San Francisco, Calif. — A man who spent the last 9 years in a phishing-induced coma awoke today — only to relapse minutes later upon learning that absolutely no progress had been made on the anti-phishing scene since 2001.
In an exclusive interview held at Sanford Wallace Memorial [...]

Bit.ly Fantasizes of Combating Twitter Scams

Copyright © 2009 What The Hell? Security
If you believe that Bit.ly is going to solve their shortened URL problem the way they intend to, have I got a story for you.
[Sidebar: Be aware that it's completely safe to click on the links in the previous paragraph. If you don't believe me, select View -> Source [...]

Blocking Dirty Bits Not As Good As Identifying Good Bits

Copyright © 2009 What The Hell? Security
John Pescatore makes a point about warning vs. blocking bad links. But here’s the thing about links: We’re thinking about them all wrong.
Now, of course there are bad links. They end up on blacklists. Let’s pretend they’re more than marginally useful. (If you have issue with that statement, go [...]

What The Hell? Phishing & Malware Misdiagnosis P2

Copyright © 2009 What The Hell? Security
Referring to my previous post, here is the skinny on my Anti-Fraudulent Hot Dog Vendor Detector.
Well, hold on. I’m up to Version 2.0. Before I describe that, I really should explain Version 1.0. Here’s a theoretical average day in its life. Bear with me, there’s actually [...]

What The Hell? Spike in Phishing & Malware Misdiagnosis

Copyright © 2009 What The Hell? Security
What the hell? We have it all wrong again.
Listen up everybody. This isn’t about Facebook.
It’s like this. Consider the crime of stealing a credit card number in two scenarios, one offline and one online:

                  Offline                       Online
Victim            Street Pedestrian             Online Pedestrian
Perpetrator       Fraudulent Hot Dog Vendor*    Fraudulent HTML Author
Scene             Street Corner                 Any Website
Bait              Hot Dog                       Link or Form
Innocent Act      Handing [...]

What The Hell? The Web Isn’t Supposed To Be Secure!

Copyright © 2009 What The Hell? Security
There’s a really good reason that Web security is such a pain. It’s not supposed to be secure.
Sorry to break it to you, but hypertext was thirty years old before we decided to use the Web as a platform for commerce. That’s, what, three years longer than the [...]

What The Hell? Moore’s Law and Web Security

Copyright © 2009 What The Hell? Security
Convenient to the point I make here, the terms Moore’s Law and Hypertext were both coined in 1965.
Since then, if I’m counting correctly on fingers and toes, CPUs should have improved by roughly a factor of (2 ** (((2009 – 1965) * 12) / 18)) = 676,414,963. The actual number doesn’t matter because I’m [...]

What The Hell? Post-Click Fraud is the New Phishing

Copyright © 2009 What The Hell? Security
Phishing is so pre-“What The Hell Security.” Here’s what post-click fraud has that phishing doesn’t.
In name:

jargon-free (sorry d00dz)
capitalizes on an understood concept (fraud)
describes its boundaries (the fraud after the click, not the fraud after the card trick)

In meaning:

encompasses all link-aware applications (office apps, browsers, music players, drawing apps, etc.)
encompasses [...]

What The Hell? Dispose of Phishing?

Copyright © 2009 What The Hell? Security
Phishing used to be a bounded phenomenon. Merriam-Webster Online defines it as “a scam by which an e-mail user is duped into revealing personal or confidential information which the scammer can use illicitly.”
Translation: Receive an email thick with Romanian accent; click on “Click hear” [sic]; transcribe your PayPal [...]

What The Hell? A Few Good Certificate Authorities

Blogger’s Notice: The following material was plagiarized from a movie script to make the blogger’s point for him. Any resemblance to named companies and technologies is definitely intentional. No animals were harmed in the cutting-and-pasting of this satire.
General Verisign: You want informed browsing?

Cruisin’ Consumer: I think I’m entitled to it.
General Verisign: You want Base64 [...]