Mar 8, 2007 12:50 PM

Phaux Phish

The Malevolent Design weblog has a post about how online financial businesses like to shoot themselves in the foot with customer education. Perhaps the only real defense (short of costly two token authentication) we have against Phishing and online identity theft is to get people to recognize fraudulent websites and emails. But the phishers are […]

The Malevolent Design webloghas a post about how online financial businesses like to shoot themselves in the foot with customer education. Perhaps the only real defense (short of costly two token authentication) we have against Phishing and online identity theft is to get people to recognize fraudulent websites and emails. But the phishers are clever, sometimes more clever than the actual companies. From Malevolent Design:

For example, TalkTalk lets you register online to manage your account via their site. Instead of simply emailing you to let you know when a new account statement is available, they send out the whole thing as an attached HTML file, complete with your name, address, phone number and account number. OK, that's not much more than what Amazon includes in a dispatch notification, but what makes it amusing/disturbing is the first line of the email:
"Your latest bill is now available to view online. Don't worry it's from TalkTalk."

Compare with, for instance, these Chase phishing mails, many of which seem pretty plausible, or at least more plausible than "Don't worry..." Really, if the fraudsters are doing your identity and branding better than you, you need to be spanked by Marketing.

Photo: Thanks, Peyri

TopicsThreat Level

US Takes Down Botnets Used in Record-Breaking Cyberattacks

The Aisuru, Kimwolf, JackSkid, and Mossad botnets had infected more than 3 million devices in total, many inside home networks, according to the US Justice Department.

Andy Greenberg

Your Vape Wants to Know How Old You Are

Companies hope that biometric age-verification tech in cartridges could put flavored vapes back in business. But it's unlikely to solve the real problems.

Boone Ashworth

Using a VPN May Subject You to NSA Spying

US lawmakers are pressing Tulsi Gabbard to reveal whether using a VPN can strip Americans of their constitutional protections against warrantless surveillance.

Dell Cameron

Livestream Replay: The War Machine

A panel of WIRED experts dissected the defense tech industry’s impact on modern warfare.

Tim Marchman

CBP Facility Codes Sure Seem to Have Leaked Via Online Flashcards

The Quizlet flashcards, which WIRED found through basic Google searches, seem to include sensitive information about gate security at Customs and Border Protection locations.

Sammy Sussman

Exclusive LegalZoom Promo Code for 10% Off Services for April

Save on top services at LegalZoom, like LLC registration, incorporation, estate plans, and more with coupons and deals from WIRED.

Parker Hall

Tech Companies Are Trying to Neuter Colorado’s Landmark Right-to-Repair Law

A bill in Colorado is a glimpse into the future of how corporations are working to limit the freedom people have to make their own fixes and upgrades.

Boone Ashworth

Hundreds of Millions of iPhones Can Be Hacked With a New Tool Found in the Wild

A powerful iPhone-hacking technique known as DarkSword has been discovered in use by Russian hackers. It can take over devices running iOS 18 that simply visit infected websites.

Andy Greenberg

The IRS Wants Smarter Audits. Palantir Could Help Decide Who Gets Flagged

Documents show the tax agency is testing a Palantir tool to surface “highest-value” audit and investigation targets from a maze of legacy systems.

Caroline Haskins

You Can Soon Buy a $4,370 Humanoid Robot on AliExpress

Unitree is bringing its R1 to international markets. It arrives with some aerobatic capabilities and an entry-level price, but the question of what you'd actually do with it remains open.

Marco Trabucchi

What’s With the US Ban on Foreign Routers?

The FCC just banned the sale of new consumer-grade Wi-Fi routers manufactured outside the US. Here’s what it means for you.

Simon Hill

FCC Enforcement Chief Offered to Help Brendan Carr Target Disney, Records Show

Last year, as FCC chair Brendan Carr threatened ABC over a Jimmy Kimmel monolog, a civil servant overseeing West Coast stations privately pledged support, according to emails obtained by WIRED.

Dell Cameron