Fair Use: Please note that use of the Netcraft Blog is subject to our Fair Use and Copyright policies. For more information, please visit http://news.netcraft.com/fair-use-copyright, or email info@netcraft.com.

  1. Who can block the largest number of phishing sites in January?

    The Netcraft Toolbar blocked more than 41,000 phishing attacks in its first year. To get the new year off to a good start, Netcraft will send a top of the range iPod [or item of equivalent value for anyone who has already received a "Thanks for all the Phish" commemorative iPod from Netcraft] to the five people who have the largest number of phishing reports accepted during January, and a Netcraft sweatshirt to the 50 people with the next largest numbers of accepted reports.

    To track the progress, we have created a leaderboard displaying the people with the largest number of accepted reports so far in January, identified by their first names to preserve their anonymity.

    Including the toolbar community itself and customers of ISPs using our Phishing site feed, well over a million people are protected from phishing by the Netcraft Toolbar.

    The Netcraft Toolbar is available for both Internet Explorer and Firefox, and serves as a giant neighborhood watch scheme for the Internet, in which members who encounter a phishing fraud can act to defend the larger community of users against the attack. Once the first recipients of a phishing mail have reported the target URL, it is blocked for toolbar users who subsequently access the URL and widely disseminated attacks simply mean that the phishing attack will be reported and blocked sooner.

    Reporting a Suspicious URL

    When you visit a page that you believe to be a phishing site, or contains fraudulent or deceptive content, we ask that you report it so that other toolbar users will benefit from your vigilance. The more sites that are reported, the more useful the toolbar will become for everyone.

    You can report a URL by clicking on "Report a Phishing Site" in the toolbar menu, accessed by clicking on the Netcraft logo:

    reportphish.png

    After you report a URL, Netcraft will review the report and block the page if we confirm it as part of a phishing attack.

    Posted by Rich Miller on 5th January, 2006 in Security Share

  2. Microsoft WMF Fix Released ‘Inadvertently’

    A Microsoft work-in-progress security update to repair the critical Windows MetaFile (WMF) security hole was accidentally released to security sites, the company said late Tuesday. "In our effort to put this security fix on a fast track, a pre-release version of the update was briefly and inadvertently posted on a security community site," Mike Reavy noted on the Microsoft Security Response Center Blog. "There has been some discussion and pointers on subsequent sites to the pre-release code. We recommend that customers disregard the postings and continue keep up-to-date with our latest information on the WMF issue. "

    Reavy said the update is still scheduled to be released Tuesday, Jan. 10 as part of Microsoft's regular monthly security advisory. With no official patch for the vulnerability, several prominent security organizations are recommending an unofficial patch developed by programmer Ilfak Guilfanov. On Tuesday Guilfanov's web site, Hexblog.com, was linked from posts at Slashdot and Digg, and soon was offline, apparently for exceeding its bandwidth allotment. The site came back online Wednesday, but the unofficial patch is being mirrored by numerous sites, including the Internet Storm Center, which has also provided an FAQ about the WMF vulnerability..

    (more...)

    Posted by Rich Miller on 4th January, 2006 in Security Share

Page 2 of 212