Firefox version of Netcraft Toolbar Available

A version of the Netcraft Toolbar for the Firefox web browser is now available.


The toolbar runs on any operating system supported by Firefox and displays the hosting location, country, longevity, popularity, and an abstracted risk rating for each site visited.

Additionally, the toolbar blocks access to phishing sites reported by other members of the Netcraft Toolbar community and validated by Netcraft, mobilizing the community into a giant neighborhood watch scheme which empowers the most alert and experienced members to protect the vulnerable against fraud and phishing attacks. Well over 7,000 phishing sites have been detected and blocked by people using the Netcraft Toolbar since the system started at the turn of the year.

It is available to download from the Toolbar website, and requires no special administrator privileges to install.

Customized versions with corporate branding and navigation are also available.

Security Breach at US Banks Offers Opportunity for Phishers

Subject: Urgent Security Information.
Subject: Account Incident.
Subject: Your Account Has Been Compromised.

Is it real, or is it a phishing scam? This week's headlines give unintended credibility to one of the phisher's most effective social engineering tactics - the urgent warning that a customer's account has been compromised. The phishers' fiction has become a grim reality for hundreds of thousands of customers of America's biggest banks, which are now notifying customers that their information may be at risk. But the banks aren't specifying how they are notifying customers - a critical detail for anxious account holders, who may be ripe to succumb to bogus email "security alerts" from phishing fraudsters.

New Jersey authorities say a bank fraud scam compromised the accounts of at least 676,000 customers of Bank of America, Wachovia Bank, PNC Bank and Commerce Bancorp. Police in Hackensack, N.J. say the customer records were stolen by bank employees and sold to Orazio Lembo, who paid $10 per account for the records and then sold them to law firms and collection agencies. Nine people have been arrested, and the investigation continues. At least 60,000 Bank of America and 48,000 Wachovia customers in seven states have already been notified that their accounts might be at risk, the banks said.

Continue reading

Researcher: Attack Could Expose SSL Certs on Shared Servers

A security researcher has discovered a flaw in Intel processors that could allow a malicious user to steal data from other users on a shared computer, including details of SSL certificates. The attack documented by Colin Percival involves hyperthreading, a technique which boosts processor performance. Percival found that hyperthreading might enable timing attacks, complex operations that expose private information by measuring the amount of time required to perform cryptographic operations.

The research has prompted debate in the security community about whether such attacks are likely, and how best to respond. Percival says that the majority of systems are unaffected, but shared web hosting servers are "a very major target for this attack."

Continue reading

Honeynet Reports on Traffic to Phishing Sites

Despite months of intensive anti-fraud education efforts by the banking industry, new research shows that phishing attacks can easily generate hundreds of visits to a spoofed site in a short period of time, as victims continue to click on malicious links in "bait" emails.

The study of phishing scams hosted on cracked web servers from The Honeynet Project documented two recent attacks that attracted hundreds of click-throughs from unknowing users. A UK site mimicking a major US bank received 256 visits in 4 days, while a compromised German server redirected 721 users in just 36 hours to a PayPal phishing site hosted in China.

Continue reading

Online Vigilantes Fight Back Against Phishing Fraudsters

As fraudsters continue to target their victims with increasingly elaborate phishing sites, the surprise appearance of anti-phishing vigilantes is now hampering their operations.

A PayPal phishing site recently reported by the Netcraft Toolbar community was promptly taken down; not by the hoster or law enforcement agency, but seemingly by a vigilante with an interest in disabling such sites and protecting innocent web users:


The phishing site was replaced with a warning page, created with the open source suite on Windows. The identity of "sickophish" is not known, nor is it known how he gained access to the web server to perform the act of vigilantism.

Phishing sites are commonly found hosted on compromised web servers, where lack of security allows fraudsters to access machines and upload phishing content. If a fraudster exploits these security weaknesses without subsequently securing the machine, then online vigilantes are just as likely to exploit the weaknesses to go in and replace the fraudulent content.

Another phishing site – this time imitating NatWest Bank in the UK – was recently defaced by The Lad Wrecking Crew, which has been involved in several previous defacements and even offers a selection of desktop wallpapers that can be placed on "captured" phishing sites.


Typical messages added to captured sites include, "Were you looking for the bank that was supposed to be here? We trashed it because it wasn't real," continuing with, "You could have lost thousands of dollars of your hard-earned life-savings! There is no need to thank us, really."

While phishing is undoubtedly an illegal activity, the legality of defacing phishing sites is also quite questionable, but in cases observed by Netcraft so far it is reasonable to assume that only the fraudsters themselves have been disadvantaged.

Netcraft provides a free anti-phishing Toolbar which offers protection against phishing sites, as well as providing the opportunity to report new phishing sites. So far this year, the Netcraft Toolbar community has reported over 6,600 different phishing sites, and this list of sites is also available as a feed suitable for integration with web proxies and mail filters.

Microsoft Offers Improved Blogging Tools to Windows Hosters

Microsoft has released an updated suite of tools for hosting providers, which will make it easier for Windows hosting customers to create blogs and online forums.

The Web Site Starters included in the suite (Microsoft Solutions for Windows-Based Hosting Version 3.5) are designed to help hosting partners improve their efficiency and lower the costs of Windows hosting. The new release integrates Telligent's Community Server blogging system and DotNetNuke, an open source content management system designed for Microsoft's ASP.NET platform.

The explosion of interest in blogs in the past year has increased customer demand for user-friendly weblog apps. Technorati says it now monitors more than 10 million blogs, while Feedster tracks more than 6.8 million RSS feeds. But the fast-growing blog software and hosting market has been dominated by programs designed for the Apache web server, rather than Windows servers. That includes publishing tools like Movable Type, WordPress and Drupal, as well as hosted blogging services such as Blogger, LiveJournal and Tucows' Blogware, a private-label service for hosting resellers.

Continue reading