Category Archives: The Coming Storm

This category includes blog posts about computer and Internet security threats now and on the horizon.

Toward a Culture of Security Measurement

September 2, 2010

“Our dependence on all things cyber as a society is now inestimably irreversible and irreversibly inestimable.”

Yeah, I had to re-read that line a few times, too. Which is probably why I’ve put off posting a note here about the article from which the above quote was taken, a thought-provoking essay in the Harvard National Security Journal by Dan Geer, chief information security philosopher officer for In-Q-Tel, the not-for-profit venture capital arm of the Central Intelligence Agency.

Researchers Kneecap ‘Pushdo’ Spam Botnet

August 27, 2010

7 Comments

Security researchers have dealt a mighty blow to a spam botnet known as Pushdo, a massive grouping of hacked PCs that until recently was responsible for sending more than 10 percent of all e-mail worldwide.

Shunning and Stunning Malicious Networks

August 10, 2010

22 Comments

McAfee just published the sixth edition of its Security Journal, which includes a lengthy piece I wrote about the pros and cons of taking down Internet service providers and botnets that facilitate cyber criminal activity. The analysis focuses on several historical examples of what I call “shuns” and “stuns,” or taking out rogue networks either by ostracizing them, or by kneecapping their infrastructure in a coordinated surprise attack, respectively.

Sophisticated ATM Skimmer Transmits Stolen Data Via Text Message

June 17, 2010

45 Comments

Operating and planting an ATM skimmer — cleverly disguised technology that thieves attach to cash machines to intercept credit and debit card data — can be a risky venture, because the crooks have to return to the scene of the crime to retrieve their skimmers along with the purloined data. Increasingly, however, criminals are using ATM skimmers that eliminate much of that risk by relaying the information via text message.

Devious New Phishing Tactic Targets Tabs

May 24, 2010

141 Comments

Most Internet users know to avoid the telltale signs of phish bait: An e-mail that asks you to click on a link and enter your e-mail or banking credentials at the resulting Web site. But a new phishing concept that exploits user inattention and trust in browser tabs may fool even the most wary Web surfers.

Visa Warns of Fraud Attack from Criminal Group

May 8, 2010

17 Comments

Visa on Friday warned banks that it has received reliable intelligence that an organized criminal group plans to attempt to move large amounts of fraudulent payments through a merchant account in Eastern Europe over the weekend.

McAfee False Detection Locks Up Windows XP

April 21, 2010

23 Comments

McAfee’s anti-virus software is erroneously detecting legitimate Windows system files as malicious, causing reboot loops and serious stability problems for many Windows XP users, according to multiple reports.

Fraud Fighter ‘Bobbear’ to Hang Up His Cape

April 17, 2010

10 Comments

The owner and curator of bobbear.co.uk, a site that serves as one of the Internet’s most active and thorough index of fraud-related Web sites, announced Saturday that will he will be shuttering the site at the end of April.

Computer Crooks Steal $100,000 from Ill. Town

April 6, 2010

32 Comments

A rash of home foreclosures and abandoned dwellings had already taken its toll on the tax revenue for the Village of Summit, a town of 10,000 just outside Chicago. Then, in March, computer crooks broke into the town’s online bank account, making off with nearly $100,000.

e-Banking Guidance for Banks & Businesses

April 6, 2010

14 Comments

One bit of criticism I’ve heard about my stories on small businesses losing their shirts over online banking fraud is that I don’t often enough point out what banks and customers should be doing differently to lessen the chance of suffering one of these incidents. As it happens, a source of mine was recently at a conference where one of the key speakers was a senior official from the Office of the Comptroller of the Currency, one of the main banking industry regulators.