Language Selection

English French German Italian Portuguese Spanish

Phishers Dodge Content Filtering

Filed under
Security

Phishing criminals are using a new technique to slip by the content filtering software some enterprises use to protect their workers from scams, a U.K.-based Web metrics and monitoring firm said Friday.

According to Netcraft, some fraudsters are replacing text content on their phony sites with similar-looking images, "making it much more difficult for automated systems to detect the presence of keywords such as 'PayPal' and 'credit card.'"

In an online alert, Netcraft illustrated how a phisher could simply embed text within an image to hide it from filters. The text would still be readable by a possible victim, but not by a computer.

"Because the content filters may not detect this [sample page] as being a PayPal phishing scam, it could slip through undetected, allowing the fraudster to harvest the credentials of thousands of PayPal customers," Netcraft went on in its alert.

Full Story with live links.

More in Tux Machines

Parsix GNU/Linux 8.0 Test 3 Out Now with GNOME 3.16.3 and Linux Kernel 4.1.6 LTS

The Parsix GNU/Linux Project has just announced the release and immediate availability for download and testing of the third development milestone towards the Parsix GNU/Linux 8.0 (Mumble) operating system. Read more

$15 Orange Pi PC hacker SBC packs 1.6GHz quad-core SoC

Shenzhen Xunlong tipped a $15 “Orange Pi PC” SBC with a 1.6GHz quad-core Cortex-A7 SoC, Pi-compatible expansion, HDMI, 100Mbit Ethernet, quad USB, and more. Late last year and early this year, Shenzhen Xunlong Software introduced a family of open-spec, Linux- and Android-ready “Orange Pi” single board computers. The first two, the $49 Orange Pi and $40 Orange Pi Mini, were built with the Allwinner A20 SoC, featuring a dual-core, 1GHz Cortex-A7 CPU and PowerVR SGX544MP2 GPU. They were soon followed by the $59 Orange Pi Plus, based on a new, low cost quad-core, 1.6GHz Cortex-A7 Allwinner H3 SoC, featuring a Mali-400 MP2 GPU. Read more

Mozilla and Add-ons

  • Firefox 40.0.3 Brings Bug-Fixes Only
  • Reactions to Mozilla’s announcement about upcoming Firefox add-on changes
  • Mixed Feelings Greet Mozilla's Add-ons Overhaul
    Also new is a requirement for add-ons to be reviewed and signed by Mozilla before their deployment. Back in April, Mozilla's security lead Daniel Veditz published The Case for Extension Signing, addressing the volume of feedback their announcement had generated from the developer community. Veditz said the internet browsing experience for tens of thousands of people was being shaped by "third party add-ons in ways they did not choose and that benefit third parties, not the user."
  • Please, God, Don't Let Mozilla Ruin Firefox
    A week ago, Mozilla shed some light on its future, laying out a plan on how the browser is going to dramatically change in the upcoming months. While most of us understood "Chrome extensions were coming to Firefox," it is not as simple as we all thought.
  • The future of Firefox Add-ons - Nope
    Once in a while, I must give my sermons, to help you figure out how things work. Why this is not going to be good for us, the users, and why we must duly prepare, in advance. As it happens, Mozilla does not fully understand the market. It truly does not. When you make decisions based on incorrect data, you are bound to make a disastrous choice. Let's try to amend this, if possible.

Leftovers: Ubuntu