Language Selection

English French German Italian Portuguese Spanish

Phishers Dodge Content Filtering

Filed under
Security

Phishing criminals are using a new technique to slip by the content filtering software some enterprises use to protect their workers from scams, a U.K.-based Web metrics and monitoring firm said Friday.

According to Netcraft, some fraudsters are replacing text content on their phony sites with similar-looking images, "making it much more difficult for automated systems to detect the presence of keywords such as 'PayPal' and 'credit card.'"

In an online alert, Netcraft illustrated how a phisher could simply embed text within an image to hide it from filters. The text would still be readable by a possible victim, but not by a computer.

"Because the content filters may not detect this [sample page] as being a PayPal phishing scam, it could slip through undetected, allowing the fraudster to harvest the credentials of thousands of PayPal customers," Netcraft went on in its alert.

Full Story with live links.

More in Tux Machines

Linux and Graphics

Security Leftovers

  • Cockpit 0.104
    Cockpit is the modern Linux admin interface. There’s a new release every week. Here are the highlights from this weeks 0.104 release.
  • FFmpeg 3.0.2 "Einstein" Multimedia Framework Released with Updated Components
    Today, April 28, 2016, the development team behind the popular FFmpeg open-source and cross-platform multimedia framework has released the second maintenance release in the stable FFmpeg 3.0 "Einstein" series. FFmpeg 3.0 was a massive release announced in mid-February, which brought in numerous existing changes, including support for decoding and encoding Common Encryption (CENC) MP4 files, support for decoding DXV streams, as well as support for decoding Screenpresso SPV1 streams.
  • Using bubblewrap in xdg-app
    At the core of xdg-app is a small helper binary that uses Linux features like namespaces to set up sandbox for the application. The main difference between this helper and a full-blown container system is that it runs entirely as the user. It does not require root privileges, and can never allow you to get access to things you would not otherwise have.
  • Build System Fallbacks
    If you are using Builder from git (such as via jhbuild) or from the gnome-builder-3-20 branch (what will become 3.20.4) you can use Builder with the fallback build system. This is essentially our “NULL” build system and has been around forever. But today, these branches learned something so stupidly obvious I’m ashamed I didn’t do it 6 months ago when implementing Build Configurations.
  • Node.js version 6 is now available

today's howtos

Leftovers: Gaming