Citigroup Phishing surged after Wachovia Announcement

American financial services company Citigroup suffered a deluge of phishing attacks after Monday's news that it intended to acquire the banking operations of Wachovia Corporation.

The credit crisis has triggered a number of acquisitions in recent months, and fraudsters have previously tried to exploit such events by orchestrating phishing attacks against the acquiring companies. One motivation for these types of attack is the increased chance of success when potential victims have less familiarity with the genuine website that is being fraudulently mimicked.

However, the timing of this week's attacks may be coincidental — and subsequently Wachovia has announced that it will instead merge with Wells Fargo.

Citigroup phishing

Netcraft offers a countermeasures service to help banks and other financial organizations take down phishing sites. This service complements Netcraft's Phishing, Identity Theft and Bank Fraud Detection service and its free Anti-Phishing Toolbar.

MySpace adopts Windows Server 2008

MySpace has become one of the first very busy sites to adopt the use of Windows Server 2008, using the new Microsoft operating system on its redirection site at

MySpace started using the site last year, in a bid to protect its users against spamming and phishing attacks. When users added a link into MySpace, the URL would be replaced with a link to, which would then redirect to the intended URL. This gave MySpace greater control over the links that originated from their site, allowing them to disable the links if they are found to point to spam, viruses or phishing sites.

MySpace initially received criticism for implementing their redirection system, as it resulted in all destination URLs being converted to lowercase. For some users, this broke links to popular sites such as YouTube, which uses case-sensitive URLs for its videos (e.g.

While the server exhibits the TCP/IP characteristics of Windows Server 2008, and runs Microsoft's IIS 7.0 web server software, the main MySpace site at continues to use IIS 6.0 and Windows Server 2003. Netcraft's Web Server Survey contains more than 8 million sites hosted by

'Msplinks' that are no longer in service cause the user to be redirected to a MySpace error page, which states that, "...the link was very naughty, and, much like head lice, had to be eliminated before it spread." The page then goes on to describe the possible reasons for the link being disabled.
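As an added illustration (not MySpace's or Netcraft's code), the sketch below models a link redirector of the kind described above. It lowercases only the scheme and host, so case-sensitive paths and video IDs survive, and it lets an operator disable every stored link to a reported host. The function and class names, the error-page path, the status codes and the sample URL are assumptions constructed for this example.

```python
import secrets
from urllib.parse import urlsplit, urlunsplit

ERROR_PAGE = "/link-disabled"  # hypothetical error page path

def lowercase_everything(url):
    """The behaviour the article criticises: the whole URL is lowercased."""
    return url.lower()

def canonicalize(url):
    """Lowercase only scheme and host, which are case-insensitive; keep path and query."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        raise ValueError("only absolute http(s) URLs may be wrapped")
    host = parts.hostname  # urlsplit already lowercases this and drops userinfo
    if ":" in host:  # IPv6 literal needs its brackets back
        host = "[" + host + "]"
    if parts.port is not None:
        host += ":" + str(parts.port)
    return urlunsplit((parts.scheme, host, parts.path, parts.query, parts.fragment))

class LinkRedirector:
    def __init__(self):
        self._links = {}  # token -> {"url": str, "disabled": reason or None}

    def wrap(self, url):
        """Store the destination and return the token that replaces it in user content."""
        token = secrets.token_urlsafe(8)
        self._links[token] = {"url": canonicalize(url), "disabled": None}
        return token

    def disable_host(self, host, reason):
        """Disable every stored link to a host reported for spam, malware or phishing."""
        hit = [l for l in self._links.values()
               if urlsplit(l["url"]).hostname == host.lower()]
        for link in hit:
            link["disabled"] = reason
        return len(hit)

    def resolve(self, token):
        """Return (status, location) for a click on a wrapped link."""
        link = self._links.get(token)
        if link is None:
            return 404, ERROR_PAGE
        if link["disabled"]:
            return 410, ERROR_PAGE
        return 302, link["url"]
```

Rejecting anything other than absolute http(s) URLs at wrap time also keeps the redirector from forwarding users to non-web schemes.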

A casual glance at the homepage reveals a distinct lack of content; however, the purpose of the site is contained in a hidden message written in white text, which can be viewed by highlighting the contents of the page, or viewing the HTML source:

Windows Server 2008 Sighted at and around the web

Microsoft has recently switched its main website, to Windows Server 2008 and Microsoft-IIS/7.0.

Although Windows Server 2008 is not yet released, Beta 3 is publicly available for early adopters to use. Internet Information Server 7 is already released, but will probably not see widespread use until Windows Server 2008 (formerly "Longhorn") is released, since it only runs on Windows Server 2008 or Windows Vista.

There are already around 2,600 sites running Windows Server 2008 on the Internet. Whilst some of the servers running Windows Server 2008 are at Microsoft itself, the majority are not, with developers and hosting companies taking advantage of Windows Server 2008's availability under a Go Live license which allows the beta to be used for testing or in a live environment without cost.

Windows Server 2008 is due to be released in the second half of 2007, although there has been media speculation - fueled by the 2008 name - that a release may be at the end of that period. Once it is released, it could be expected to take a long time for large numbers of sites to move over to the latest version; it took several years for the installed base of Windows Server 2003 to overtake Windows 2000, and there are still some 5 million sites running on Windows 2000 even today.

Internet Passes 600,000 SSL Sites

Netcraft's SSL Survey has found more than 600,000 SSL sites on the Internet for the first time this month. SSL sites are used by ecommerce sites, online banking and financial services, and other secure online service providers.

Netcraft's survey of SSL sites has now been running for over ten years. The first survey, in November 1996, found just 3,283 sites; since then, the number of SSL sites has had an average compound growth of 65% per annum.

Number of secure sites 1997-2007


The survey is a good guide to the growth of online trading and services. The survey counts sites by collecting SSL certificates; each distinct, valid SSL certificate is counted in the results. Each SSL certificate typically represents one company's details, and each certificate must be approved by a certificate authority, so the data is typically more consistent and less volatile than other attributes of the Internet's infrastructure.


American DNS Providers Continue Services to UK Betting Sites

The U.S. crackdown on online gambling company BetOnSports appears unlikely to spark dramatic shifts in the geography of the online gambling industry in the short term. American DNS service providers and DDoS mitigation companies are continuing to provide services to UK betting sites, while initial fears about the British government's extradition policy have eased somewhat. But some international betting services are barring U.S. residents, and up-and-coming offshore "data havens" are likely to be of growing interest to UK-based gambling operations.

It will take time for the broader implications of the U.S. charges against to become clear. CEO David Carruthers was arrested Sunday in Dallas/Fort Worth airport as he changed flights on his way from London to Costa Rica (where BetOnSports is based) and charged with conspiracy, fraud and racketeering. Also named in the indictment were Florida companies that provided marketing services to BetOnSports. While those charges dealt specifically with the transport of gambling equipment to offshore sites, the inclusion of the companies has raised concern among U.S. companies providing services to international gambling sites.

Neustar Ultra Services (formerly UltraDNS) is continuing to provide DNS management services to and several other UK gambling sites. Prolexic, a Florida provider specializing in mitigation of DDoS attacks, also counts offshore gambling web sites as customers. Gambling sites are frequent targets of attacks from DDoS blackmail schemes.


Apache Now the Leader in SSL Servers

Apache has overtaken Microsoft as the leading developer of secure web servers. Apache now runs on 44.0% of secure web sites, compared to 43.8% for Microsoft.

SSL server developer share

As the original developers of the SSL protocol, Netscape started out with a lead in the SSL server market. But they were soon overtaken by Microsoft's Internet Information Server, which within a few years held a steady 40-50% of the SSL server market.

Apache has taken much longer to reach the top. Version 1 of Apache did not include SSL support: in the 1990s, US export controls and the US patent on the RSA algorithm meant that cryptographic support for open source projects had to be developed outside of the US and distributed separately. Several independent projects provided SSL support for Apache, including Apache-SSL and mod_ssl, but commercial spin-offs, like Stronghold by c2net (later bought by Red Hat), were more popular at that time.
