Mark (mhaithaca) wrote,

  • Mood:


Yet another creative and insidious phishing scheme that stands to take in quite a few gullible users. This one even uses reasonable URLs under the links, and real GeoTrust certificates, to make the scheme as plausible as any I've seen. (The link is to a Washington Post blog, not to a dangerous e-mail.)

Unfortunately, this is the sort of well-crafted e-mail that even the most security-minded operating system or e-mail client can't help you with. (Good e-mail software these days lets you see the URL that underlies the link you're about to click, and warns you if it's not the same as the link appears to be.) You have to know to be suspicious, and too many people don't. Luckily, it looks as though this one was shut down quickly... but after taking in how many people? Thanks to scrog for the link.

  • Post a new comment


    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded