Phishing attacks are on the rise again, and the targets — Facebook, Twitter, and other social networking sites, as well as large webmail sites — all seem at a loss as to how to protect their clients. I read a fascinating article on Byron Acohido’s “Watchdog on Internet security” blog which goes into the growing threats in some detail (the article was too long to repost, it is excerpted below). But what all these attacks have in common is the growing need for some new thinking on login protection. Being able to filter out automated login attempts by ... more

Yesterday brought the story of a massive phishing attack on Hotmail which resulted in at least 10,000 passwords being available online. Today, though, a researcher at ScanSafe is saying not so fast — she thinks “it’s more likely that this latest was the result of keylogging or data theft, not phishing.” If true, this would contradict what both Microsoft and Google have been claiming in public. The researcher is basing her claim on a cache of password data she found a few months ago, which is similar to the ones found recently in the news about what both ... more