Customers of UK banks and brokerages attacked with new wave of fraud and theft

In the last week criminals have made attacks on customers of many of the UK's largest banks and brokerages, attempting to persuade them to reveal their account's username, password, and other authenticating information, by sending a verification mail with a forged source address, and a url that appears to be associated with the recipients bank or brokerage.

Users of collaborative spam detection systems such as Vipul's Razor, are quite well protected against these fradulent mail attacks, as early recipients of the message will report the message, and subsequent recipients will not even see the message in their normal mail routine.

However, the steadily increasing numbers of well heeled, but technically unsophisticated people making use of internet banking are greatly at risk to this type of attack. Although the mail below is aimed at Barclays customers, similar mails targeting the customers of National Westminster, the Halifax Bank and the brokerage T D Waterhouse have been reported during the past week, and every bank and brokerage can reasonably expect that their own customers will be targeted, as the potential of emptying out large numbers of people's bank accounts is so attractive to criminals, and the fact that some banks have taken their sites offline may indicate that they are seeing a volume of suspicious withdrawls.

Continue reading

Domain Registrars Eye Shared Hosting for Expansion

Discount domain name registrars are actively targeting the web hosting market, offering rock-bottom pricing on shared hosting accounts in a bid to attract customers from established hosts. These providers are hoping to repeat their success in the domain name market, where millions of domains have shifted from Network Solutions to cheaper registrars.

Leading the charge is Go Daddy, which over the past two years has emerged as the pacesetter in the domain name market. Go Daddy's shared hosting business has grown rapidly since August 5, when it beefed up the account features on its hosting plans and cut prices to as low as $3.95 a month.

Active Sites at Go Daddy, 2003

Continue reading

Linux encroaching further into sun.com

Ever since shortly after Sun's acquisition of Cobalt three years ago, some sun.com sites have run Linux. However, more recently, Linux is being used for Sun sites that appear unconnected with the Cobalt product range. Sun sites running on Linux include supportforum.sun.com, and srsnetconnect.sun.com.

The netblock listings indicate that all of these sites are outsourced by Sun, and it may be the case that the more the company outsources, the harder it is to avoid their sites running on Linux rather than Solaris.

Sustained DDoS Wobble Prominent Weblogs

A series of distributed denial of service attacks has made for a tough week for the "Blogosphere," the fast-growing community of weblogs. Many of the best-read blogs are hosted by Hosting Matters, a Jacksonville, Fla. provider that was knocked offline for a total of 15 hours in three separate attacks from Oct. 16-21.

The DDoS attacks appear to have targeted Internet Haganah, which seeks to identify web sites with terrorist links and then lobbies hosting providers to shut down the suspect sites. Internet Haganah operator Aaron Weisburd says his site was targeted by Al Qaeda sympathizers, while reps from Hosting Matters declined to identify either the target or attacker. Hosting Matters was flooded by up to 150 megabytes of data per second on Oct. 16, leaving most clients offline for much of that day and again on Oct. 20 and 21.

Continue reading