Saturday, February 28, 2009

Phishing for USE Credit Union Members

As promised here is my next post already. Couldn't have been 30 minutes ago when I promised that I would keep them coming. This post involves cell phone phishing scams. lately I've received text messages from what appears to be USE Credit Union.

The text message alerts the recipient of Unauthorized Identity Access then directs them to visit a fraudulent website which requires entry of credit/debit card information. Text book lack of an SSL Connection,privacy warnings displayed in the browser,etc.
Viewing the source of the page revealed a well comment application for customized credit card theft...

This time it was phishing next time could easily be a targeted attack with malicious code dropping a back door.

Its been a whole year

I've got to post more often.. It was never my intention to do a post a year, LoL. Its been an interesting year and I have encountered many new exciting challenges in my career in Information Security. I have added the interest & responsibilities of managing enterprise level security to my daily concerns. Just a year ago, exploits, malware, firewall rule sets and IPS tunning dominated my duties. Now I've added Metrics, Dashboards, Average Loss Expectancies, Risk Assessments and regulatory requirements. I guess I'll count it as gaining maturity as a security professional. With that said, there is no excuse... Not only do I need to post more often, it now seems to be psychological necessity..

More to come