IBM Reports On Spear Phishers 169
FrenchyinOntario writes "IBM reports that while "regular" phishing is declining the black hats are now engaging in targeted spear phishing to glean as much information about a specific identity as they can for all the usual cybercrime reasons. It concerns authorities because the usual suspects - criminal and terrorist organizations - will want to take advantage of this, but the chilling part is how your identity will now be dependent on multiple institutions protecting your personal information, as opposed to eBay, PayPal, your bank, etc."
I have to say ... (Score:4, Interesting)
it's bad on IRC (Score:3, Interesting)
An Open Information Society (Score:5, Interesting)
Opportunity to make a difference? (Score:5, Interesting)
Re:A way around this... (Score:1, Interesting)
Multiple institutions *are* responsible (Score:5, Interesting)
The way I see it, all personal information I send to a particular company should be confidential and protected. Some if it they simply don't need. For instance, why the hell did the clerk at Hollywood Video ask for my SSN to open a damn account to rent movies?! They did not need my SSN and I sure as hell didn't give it to him either, but it makes me wonder how many people actually *have* given out their SSN just for a Hollywood Video account. Not good.
If a company does not protect my personal information and it gets stolen and/or misused, you bet your ass they'd see some backlash from me. The only bad thing is, it's hard to figure out exactly *which* company that held your personal information was compromised. It's certainly not like they're going to volunteer the fact that they were comprimised, otherwise you might take your business elsewhere (to a more responsible company). Just look at the millions of people who had their information on backup tapes "misplaced" by a UPS driver (posted on slashdot a while back) after the company was stupid enough to send that info via UPS to begin with.
Companies that have our personal information need to be held accountable on how they handle it and should be prosecuted to the fullest when they mishandle it.
Re:I have to say ... (Score:1, Interesting)
I suggest you actually listen to some of it today.... in fact you have, many hit the top 40 charts in "secular alternative" music over the past 5 years.
the clueless like you stay on your path to what you think. the rest of us get bit shit eating grins as you not realize that bands like Creed and others are simply christian rock bands that are flying under the radar subverting you in your music... (OMFG! I better listen to some Insane clown Possee to cleanse my soul of this evil christanity! OMFG! OMFG! OMFG!)
Oh let's forget that alternative HIt from 3 years ago "flood" that STILL shows up in airplay on the "aleternative rock" stations around the country....
get a clue. you know nothing about which you speak of.
Re:Multiple institutions *are* responsible (Score:3, Interesting)
Video places use it for a credit check. They're loaning you a movie.
On the other hand, here's a trick I learned. When you're asked for a SSN, say "I'm soooo sorry! I didn't think I needed it. I'll have to come back!" 90% of the time, the clerk will just say "We really don't need it, just hang on." I kid you not! Try it! It pisses me off that a lot of firms "require" this information but when you balk or plead stupidity (in my case),it's amazing how it all of a sudden "doesn't matter."
When I was taking a marketing class, we were told by the Prof. that to get information for whatever reason, all we had to do was ask. Most people just hand it over. I would love to get into the social reasons for this, but for now, I'll just say that we're all (in Western countries at least) to just shutup and hand over anything anyone in authority or perceived authority requests...I'm starting to rant and my spellink is going to hell. Off to the porn sitesss!
Re:A way around this... (Score:3, Interesting)
If we're going to get ID cards, I'd at least want them to be useful. At this point I'm in more danger of having my identity stolen than of being tracked by black helicopters...
Identity proxy (Score:3, Interesting)
You'd end up having to trust that one company, but a single company could quite easily put in place policy and technology to keep your identity safe... that would be their primary focus. That's unlike eBay and others who really just want to do business with you and happen to also have your personal information. Their policies aren't as good as they need to be.
Besides, with your info only at one place it'd make spear phishing much harder: no relying on little bits of info from many places as a hacker would need to get all your personal info from one place.
LMAO Re:I have to say ... (Score:1, Interesting)
The charts are for record label execs and commercial radio playlist programmers, and all they really measure these days is payola, ad rates, product placement, how many units were pressed and shipped to stores - *not* how many cds were bought by actual paying customers, or how many people are actually hearing the chosen "hits" on radio. It's a scam.
"College alternative" is a demographic; there is no "secular alternative" listing in the industry trade journals (ie - Billboard, etc), though I wouldn't be surprised if the xtians made up a category for their own marketing purposes in their internal industry reports.
"College alternative" was created as a demographic in the early 1990s when the major labels finally figured out that Gen-X was *not* listening to "top 40 classic rock" stations that were still playing Boston and Journey, and that the major labels had missed out on almost an entire decade of truly underground (at the time) college music, ie - Sonic Youth, Husker Du, Negativland and the whole 1980s SST Records catalog; the dance/industrial scene - Skinny Puppy, Front 242, FLA, Ministry, Coil, Nine Inch Nails, etc; misc acts like the Red Hot Chili Peppers, Jane's Addiction, Love & Rockets, the Butthole Surfers - *this* was the real underground college scene.
When "college alternative" finally wound up in Billboard in the early 1990s, Nirvana and grunge were taking off, and *this* is what the labels decided the underground college music scene was supposed to sound like, forever and ever, amen. The major labels are big corporations, and big corporations hate change, partially because they are slow to react. This is also why the "college alternative" charts have been dominated by the same-sounding, easily forgotten grunge-ish retread acts for almost 15 years, and why what you actually hear on college radio stations has little resemblance to the industry trades. As long as the majors can keep turning a profit by marketing product under this label, they don't care if it accurately reflects what people are listening to in the demographic, or if anyone is actually listening to it period.
Commercial radio in the US is dying a well-deserved death, losing listeners to commercial-free college and community stations, XM, streaming internet radio (especially for non-US news) and podcasts, LPFM and (of course) mp3 trading. I'm forced to endure typical commercial radio stations a few times a week in the gym, and I can't believe how horrible it's become, or that anyone can leave it on even as background noise for more than a few minutes. Unfunny morning shock-jocks, the same limited playlist cycling every 90-120 minutes, and over half the content is advertising that's screamed at you in as obnoxious a fashion as possible. Good luck sneaking Jeebus in that mess anywhere and actually getting anyone to hear it.
Which brings us back to the whole "subverting" non-xtian secular music by Jeebus bands pretending to be something else. It just doesn't work. People who don't want to be preached to can spot it a mile away, plus the xtian rock acts are mind-numbingly boring, unoriginal and derivative (IMO); gimmie an xtian band that does something crazy-interesting like, say, Einsturzende Naubauten, or Tom Waits, or even mid-60s John Co
Re:A way around this... (Score:2, Interesting)
No one ever explains why this is better than an ID/account number and password?
Lyal