Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > NZ Computing > How long does it take BNZ to shut down this phishing email??

Reply
Thread Tools

How long does it take BNZ to shut down this phishing email??

 
 
Mutlley
Guest
Posts: n/a
 
      06-09-2006
I'm still getting about 20 a day..
 
Reply With Quote
 
 
 
 
thingy
Guest
Posts: n/a
 
      06-09-2006
Mutlley wrote:
> I'm still getting about 20 a day..


If it is coming from a distributed broadband attack, never.....there
could be 10~30,000+ slaves out there pumping it out from outside
NZ....just cannot be done...

All BNZ can do is warn its customers and pay particular attention to
strange transfers.....

regards

Thing
 
Reply With Quote
 
 
 
 
wogers nemesis
Guest
Posts: n/a
 
      06-09-2006
On Fri, 09 Jun 2006 15:33:55 +1200, Mutlley wrote:

> I'm still getting about 20 a day..


I suspoect their Netguard card will be compulsory much, much sooner.

The phishers also need better hosting as their site was so slow it timed
out. I hope it has been taken down by now...
 
Reply With Quote
 
Vista
Guest
Posts: n/a
 
      06-09-2006

"Mutlley" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> I'm still getting about 20 a day..


How can BNZ shut it down. They aren't the ones who are sending them!


 
Reply With Quote
 
Matty F
Guest
Posts: n/a
 
      06-09-2006
Vista wrote:
> "Mutlley" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>
>>I'm still getting about 20 a day..

>
>
> How can BNZ shut it down. They aren't the ones who are sending them!
>

They can shut down the sites that the emails link to, within
minutes of the emails arriving. There are various ways of doing
that, but I suggest a DOS attack is the quickest. With the amount
of money the NZ banks are having to repay their customers who
fall into the trap, they could pay someone full-time to get rid
of the sites as they are created.
But nobody seems to care. I've now had 44 BNZ phishing emails, 8
ANZ, 1 Barclays, 7 Commonwealth Bank, and 18 NAB.

 
Reply With Quote
 
Jason Clinton
Guest
Posts: n/a
 
      06-09-2006
On Fri, 09 Jun 2006 20:10:31 +1200, Matty F <(E-Mail Removed)>
wrote:

>Vista wrote:
>> "Mutlley" <(E-Mail Removed)> wrote in message
>> news:(E-Mail Removed)...
>>
>>>I'm still getting about 20 a day..

>>
>>
>> How can BNZ shut it down. They aren't the ones who are sending them!
>>

>They can shut down the sites that the emails link to, within
>minutes of the emails arriving.


Doesn't stop the emails though
 
Reply With Quote
 
alastair.geek.nz
Guest
Posts: n/a
 
      06-09-2006
wogers nemesis wrote:

> On Fri, 09 Jun 2006 15:33:55 +1200, Mutlley wrote:


> > I'm still getting about 20 a day..


> I suspoect their Netguard card will be compulsory much, much sooner.
> The phishers also need better hosting as their site was so slow it timed
> out. I hope it has been taken down by now...


I ordered a Netguard card when they were first introduced over a month
ago but it still hasn't turned up. The last I heard was two weeks ago
when their call centre operator admitted that they had underestimated
demand, and they would have one to me 'soon'.

The Netguard card will provide some protection against phishing scams,
but the best way to avoid being sucked in by these scams is to just
exercise common sense. Victims of keyloggers may find themselves
eventually out of pocket even if they have the Netguard service, since
a keylogging program could reconstruct that user's Netguard matrix over
time.

 
Reply With Quote
 
Crash
Guest
Posts: n/a
 
      06-10-2006
alastair.geek.nz wrote:
[snip]
> The Netguard card will provide some protection against phishing scams,
> but the best way to avoid being sucked in by these scams is to just
> exercise common sense. Victims of keyloggers may find themselves
> eventually out of pocket even if they have the Netguard service, since
> a keylogging program could reconstruct that user's Netguard matrix over
> time.
>

The netguard card uses an x/y co-ordinates to identify a character - i.e. A7 is
H (on my card at least) that the login screen prompts for 3 such characters.
All the key logger will see is the value of the 3 fields entered - bit bot the
value of the coordinates they are relative to. Given that the x/y coordinates
asked for vary every time (unlike passwords that are used repeatedly) how can
key loggers 'break' netguard? I am simply curious.

Crash.
 
Reply With Quote
 
wogers nemesis
Guest
Posts: n/a
 
      06-10-2006
On Sat, 10 Jun 2006 16:50:23 +1200, Crash wrote:

> alastair.geek.nz wrote:
> [snip]
>> The Netguard card will provide some protection against phishing scams,
>> but the best way to avoid being sucked in by these scams is to just
>> exercise common sense. Victims of keyloggers may find themselves
>> eventually out of pocket even if they have the Netguard service, since
>> a keylogging program could reconstruct that user's Netguard matrix over
>> time.
>>

> The netguard card uses an x/y co-ordinates to identify a character - i.e. A7 is
> H (on my card at least) that the login screen prompts for 3 such characters.
> All the key logger will see is the value of the 3 fields entered - bit bot the
> value of the coordinates they are relative to. Given that the x/y coordinates
> asked for vary every time (unlike passwords that are used repeatedly) how can
> key loggers 'break' netguard? I am simply curious.
>
> Crash.


I assume he is talking about a customisied keylogger that keeps a copy of
web pages of the banking login page and sends them off to the hacker (and
so they can match coords to info entered by the user).

I alos imagine the next BNZ phishing site will have something silly such
as: Please fill in this grid as it exactly appears on your Netguard card -
and so replicate the card - with some tagline "We decided that just asking
for three values wasn't enough "
 
Reply With Quote
 
alastair.geek.nz
Guest
Posts: n/a
 
      06-10-2006
Crash wrote:

> alastair.geek.nz wrote:


> > The Netguard card will provide some protection against phishing scams,
> > but the best way to avoid being sucked in by these scams is to just
> > exercise common sense. Victims of keyloggers may find themselves
> > eventually out of pocket even if they have the Netguard service, since
> > a keylogging program could reconstruct that user's Netguard matrix over
> > time.


> The netguard card uses an x/y co-ordinates to identify a character - i.e. A7 is
> H (on my card at least) that the login screen prompts for 3 such characters.
> All the key logger will see is the value of the 3 fields entered - bit bot the
> value of the coordinates they are relative to. Given that the x/y coordinates
> asked for vary every time (unlike passwords that are used repeatedly) how can
> key loggers 'break' netguard? I am simply curious.


I was thinking that a really smart piece of spyware could determine the
grid coordinates that the user is prompted for, and record the user's
response. If left undetected for a long period of time, it could
eventually determine the values of most or all of the cells on the
card.

You're right, though, in that a traditional 'keylogging' program
wouldn't be enough to break through Netguard's protection, so it makes
it considerably more difficult for scamsters to succeed. Ultimately,
two factor authentication isn't intended to be bulletproof, but coupled
with common sense and other precautions, it will make Internet banking
pretty safe.

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Re: How include a large array? Edward A. Falk C Programming 1 04-04-2013 08:07 PM
Having compilation error: no match for call to (const __gnu_cxx::hash<long long int>) (const long long int&) veryhotsausage C++ 1 07-04-2008 05:41 PM
BNZ phishing scam warning Peter Huebner NZ Computing 10 06-09-2006 05:45 AM
Long timew to shut down. MsyJsy Computer Support 0 07-05-2004 07:34 PM
BNZ Internet banking Bruce Sinclair NZ Computing 23 05-26-2004 10:53 AM



Advertisments