Information Protection and Security

Researchers are monitoring a trick that makes it harder to track and shut down fraudulent websites.
Article link

A Police Central e-Crime Unit operation leads to a £600,000 internet fraud gang facing jail.
Article link

The phishing schemes mainly targeted Bank of America and Wells Fargo online banking users and were run from Egypt. Criminals sought to duplicate the bank’s online banking portals by creating authentic-looking replicas; mass email messages were subsequently sent to a great number of Bank of America and Wells Fargo online users, directing them to the false websites and asking them to enter their secret account login details, as well as other types of sensitive personal information such as their bank account numbers, Social Security numbers and drivers’ license numbers.

Phishing scam may also have breached e-mail services offered by Google and Yahoo.
Article link

A two-year international phishing investigation involving the FBI and authorities in Egypt has led to charges against 53 people in the U.S. and 47 overseas.
Article link

The head of the FBI has stopped banking online after nearly falling for a phishing attempt.
Article link

Complaints about phishing have been coming in for a couple of years.  Most of us know what phishing is, and when something sounds like it's too good to be true, it probably is.  

"Apart from accessing the user's Webmail accounts, e-mail addresses are commonly used to log into social networking sites,” Wood said. “So with a successful phishing attack, the bad guys not only gain access to an individual's e-mail account, but also a variety of other sites that may be linked to that account. People should be advised not to share the same password for these sites and should change their passwords at least every 90 days."

Microsoft confirmed thousands of Hotmail customers had their usernames and passwords posted recently on a third-party site as a result of a likely phishing attack. An investigation by Microsoft has determined that there was no breach of internal data on the company's part.
Article link

From Microsoft Live: As of 3pm PT, Monday: We want to provide a quick update, that as a result of our investigation we are taking measures to block access to all of the accounts that were exposed and have resources in place to help those users reclaim their accounts.