funsec mailing list archives
Re: Nordea Sweden shuts Internet banking due to targeted phishing
From: "David Lodge" <dave () cirt net>
Date: Wed, 05 Oct 2005 22:22:20 +0100
On Wed, 05 Oct 2005 01:45:54 +0100, Richard Cox <richard () beijing spamhaus cn> wrote:
On 5 Oct 2005 01:08:43 +0100 (BST) Drsolly <drsollyp () drsolly com> wrote:Banks could fix the phishing problem if they had the incentive. It isn't bad enough yet to make them want to fix it.They do want to fix it. They are just now discovering what needs to be done. I had a very productive meeting with APACS last week, and there is much to be taken forward from that. Hopefully Gadi will introduce a new participant to some of his lists very soon which will underpin that.
I totally agree with you Richard; the problem isn't the banks - it's users, ISPs and notifications. I can't emphasise enough how many emails I receive saying something like "I got this weird email from you so I entered my details and got this strange error".
The annoying thing is the timeline, for the last phishing attempt I dealt with, the timeline went something like:
Day One 0300 Phishing emails sent out. 1500 APACS notify somebody in our company and ask ISP to shut down site. Day Two 0800 Company person forwards email to me. 0930 I receive email, swear a lot; trace site. 1000 Dig around ISPs website to find a phone number.1100 After spending 40 minutes on hold to ISP get through, told that "the security guy" is on lunch (as ISP in the Netherlands and 1 hour in front) and to ring back in an hour. 1230 Finally get to speak to security guy and ask him to shut down the site. 1400 Americans come in and receive emails. They contact external company we pay to shut down the site.
1500 Site's still up. Ring up ISP again 1630 Site is finally down. So in total: 27 hours before somebody in the company gets shut down.3 groups of people (me, APACS, company we employee to shut down phishing sites) contacted the ISP to take down the web site over a period of 36 hours.
Company we employ to alert of phishing and take down sites didn't even notice (probably because the email was only sent out to UK people).
Not good. dave _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: Nordea Sweden shuts Internet banking due to targeted phishing, (continued)
- Re: Nordea Sweden shuts Internet banking due to targeted phishing Craig Webster (Oct 05)
- Re: Nordea Sweden shuts Internet banking due to targeted phishing Florian Weimer (Oct 05)
- Re: Nordea Sweden shuts Internet banking due to targeted phishing Steven Champeon (Oct 05)
- Re: Nordea Sweden shuts Internet banking due to targeted phishing Florian Weimer (Oct 05)
- Re: Nordea Sweden shuts Internet banking due to targeted phishing Justin Mason (Oct 05)
- Re: Nordea Sweden shuts Internet banking due to targeted phishing Florian Weimer (Oct 05)
- Re: Nordea Sweden shuts Internet banking due to targeted phishing Drsolly (Oct 05)
- Re: Nordea Sweden shuts Internet banking due to targeted phishing Blue Boar (Oct 05)
- RE: Nordea Sweden shuts Internet banking due to targetedphishing Peter Kruse (Oct 05)
- Re: Nordea Sweden shuts Internet banking due to targeted phishing Richard Cox (Oct 04)
- Re: Nordea Sweden shuts Internet banking due to targeted phishing David Lodge (Oct 05)
- Re: Nordea Sweden shuts Internet banking due to targeted phishing Florian Weimer (Oct 05)
- Re: Nordea Sweden shuts Internet banking due to targeted phishing Dan Kaminsky (Oct 05)
- Re: Nordea Sweden shuts Internet banking due to targeted phishing Drsolly (Oct 05)
- Re: Nordea Sweden shuts Internet banking due to targeted phishing Valdis . Kletnieks (Oct 05)
- Re: Nordea Sweden shuts Internet banking due to targeted phishing Dan Kaminsky (Oct 05)
- RE: Nordea Sweden shuts Internet banking due to targetedphishing Aditya Deshmukh (Oct 04)
- Re: Nordea Sweden shuts Internet banking due to targeted phishing Florian Weimer (Oct 05)
- Re: Nordea Sweden shuts Internet banking due to targeted phishing Florian Weimer (Oct 05)
- Re: Nordea Sweden shuts Internet banking due to targeted phishing Craig Webster (Oct 05)