How long does it take BNZ to shut down this phishing email??

Discussion in 'NZ Computing' started by Mutlley, Jun 9, 2006.

  1. Mutlley

    Mutlley Guest

    I'm still getting about 20 a day..
     
    Mutlley, Jun 9, 2006
    #1
    1. Advertising

  2. Mutlley

    thingy Guest

    Mutlley wrote:
    > I'm still getting about 20 a day..


    If it is coming from a distributed broadband attack, never.....there
    could be 10~30,000+ slaves out there pumping it out from outside
    NZ....just cannot be done...

    All BNZ can do is warn its customers and pay particular attention to
    strange transfers.....

    regards

    Thing
     
    thingy, Jun 9, 2006
    #2
    1. Advertising

  3. On Fri, 09 Jun 2006 15:33:55 +1200, Mutlley wrote:

    > I'm still getting about 20 a day..


    I suspoect their Netguard card will be compulsory much, much sooner.

    The phishers also need better hosting as their site was so slow it timed
    out. I hope it has been taken down by now...
     
    wogers nemesis, Jun 9, 2006
    #3
  4. Mutlley

    Vista Guest

    "Mutlley" <> wrote in message
    news:...
    > I'm still getting about 20 a day..


    How can BNZ shut it down. They aren't the ones who are sending them!
     
    Vista, Jun 9, 2006
    #4
  5. Mutlley

    Matty F Guest

    Vista wrote:
    > "Mutlley" <> wrote in message
    > news:...
    >
    >>I'm still getting about 20 a day..

    >
    >
    > How can BNZ shut it down. They aren't the ones who are sending them!
    >

    They can shut down the sites that the emails link to, within
    minutes of the emails arriving. There are various ways of doing
    that, but I suggest a DOS attack is the quickest. With the amount
    of money the NZ banks are having to repay their customers who
    fall into the trap, they could pay someone full-time to get rid
    of the sites as they are created.
    But nobody seems to care. I've now had 44 BNZ phishing emails, 8
    ANZ, 1 Barclays, 7 Commonwealth Bank, and 18 NAB.
     
    Matty F, Jun 9, 2006
    #5
  6. On Fri, 09 Jun 2006 20:10:31 +1200, Matty F <>
    wrote:

    >Vista wrote:
    >> "Mutlley" <> wrote in message
    >> news:...
    >>
    >>>I'm still getting about 20 a day..

    >>
    >>
    >> How can BNZ shut it down. They aren't the ones who are sending them!
    >>

    >They can shut down the sites that the emails link to, within
    >minutes of the emails arriving.


    Doesn't stop the emails though
     
    Jason Clinton, Jun 9, 2006
    #6
  7. wogers nemesis wrote:

    > On Fri, 09 Jun 2006 15:33:55 +1200, Mutlley wrote:


    > > I'm still getting about 20 a day..


    > I suspoect their Netguard card will be compulsory much, much sooner.
    > The phishers also need better hosting as their site was so slow it timed
    > out. I hope it has been taken down by now...


    I ordered a Netguard card when they were first introduced over a month
    ago but it still hasn't turned up. The last I heard was two weeks ago
    when their call centre operator admitted that they had underestimated
    demand, and they would have one to me 'soon'.

    The Netguard card will provide some protection against phishing scams,
    but the best way to avoid being sucked in by these scams is to just
    exercise common sense. Victims of keyloggers may find themselves
    eventually out of pocket even if they have the Netguard service, since
    a keylogging program could reconstruct that user's Netguard matrix over
    time.
     
    alastair.geek.nz, Jun 9, 2006
    #7
  8. Mutlley

    Crash Guest

    alastair.geek.nz wrote:
    [snip]
    > The Netguard card will provide some protection against phishing scams,
    > but the best way to avoid being sucked in by these scams is to just
    > exercise common sense. Victims of keyloggers may find themselves
    > eventually out of pocket even if they have the Netguard service, since
    > a keylogging program could reconstruct that user's Netguard matrix over
    > time.
    >

    The netguard card uses an x/y co-ordinates to identify a character - i.e. A7 is
    H (on my card at least) that the login screen prompts for 3 such characters.
    All the key logger will see is the value of the 3 fields entered - bit bot the
    value of the coordinates they are relative to. Given that the x/y coordinates
    asked for vary every time (unlike passwords that are used repeatedly) how can
    key loggers 'break' netguard? I am simply curious.

    Crash.
     
    Crash, Jun 10, 2006
    #8
  9. On Sat, 10 Jun 2006 16:50:23 +1200, Crash wrote:

    > alastair.geek.nz wrote:
    > [snip]
    >> The Netguard card will provide some protection against phishing scams,
    >> but the best way to avoid being sucked in by these scams is to just
    >> exercise common sense. Victims of keyloggers may find themselves
    >> eventually out of pocket even if they have the Netguard service, since
    >> a keylogging program could reconstruct that user's Netguard matrix over
    >> time.
    >>

    > The netguard card uses an x/y co-ordinates to identify a character - i.e. A7 is
    > H (on my card at least) that the login screen prompts for 3 such characters.
    > All the key logger will see is the value of the 3 fields entered - bit bot the
    > value of the coordinates they are relative to. Given that the x/y coordinates
    > asked for vary every time (unlike passwords that are used repeatedly) how can
    > key loggers 'break' netguard? I am simply curious.
    >
    > Crash.


    I assume he is talking about a customisied keylogger that keeps a copy of
    web pages of the banking login page and sends them off to the hacker (and
    so they can match coords to info entered by the user).

    I alos imagine the next BNZ phishing site will have something silly such
    as: Please fill in this grid as it exactly appears on your Netguard card -
    and so replicate the card - with some tagline "We decided that just asking
    for three values wasn't enough " :)
     
    wogers nemesis, Jun 10, 2006
    #9
  10. Crash wrote:

    > alastair.geek.nz wrote:


    > > The Netguard card will provide some protection against phishing scams,
    > > but the best way to avoid being sucked in by these scams is to just
    > > exercise common sense. Victims of keyloggers may find themselves
    > > eventually out of pocket even if they have the Netguard service, since
    > > a keylogging program could reconstruct that user's Netguard matrix over
    > > time.


    > The netguard card uses an x/y co-ordinates to identify a character - i.e. A7 is
    > H (on my card at least) that the login screen prompts for 3 such characters.
    > All the key logger will see is the value of the 3 fields entered - bit bot the
    > value of the coordinates they are relative to. Given that the x/y coordinates
    > asked for vary every time (unlike passwords that are used repeatedly) how can
    > key loggers 'break' netguard? I am simply curious.


    I was thinking that a really smart piece of spyware could determine the
    grid coordinates that the user is prompted for, and record the user's
    response. If left undetected for a long period of time, it could
    eventually determine the values of most or all of the cells on the
    card.

    You're right, though, in that a traditional 'keylogging' program
    wouldn't be enough to break through Netguard's protection, so it makes
    it considerably more difficult for scamsters to succeed. Ultimately,
    two factor authentication isn't intended to be bulletproof, but coupled
    with common sense and other precautions, it will make Internet banking
    pretty safe.
     
    alastair.geek.nz, Jun 10, 2006
    #10
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. MsyJsy

    Long timew to shut down.

    MsyJsy, Jul 5, 2004, in forum: Computer Support
    Replies:
    0
    Views:
    383
    MsyJsy
    Jul 5, 2004
  2. jw 1111

    long downloads shut down OE

    jw 1111, Jan 3, 2006, in forum: Computer Support
    Replies:
    5
    Views:
    415
    Don_Luciano
    Mar 19, 2006
  3. Bruce Sinclair

    BNZ Internet banking

    Bruce Sinclair, May 24, 2004, in forum: NZ Computing
    Replies:
    23
    Views:
    4,345
  4. Peter Huebner

    BNZ phishing scam warning

    Peter Huebner, Jun 7, 2006, in forum: NZ Computing
    Replies:
    10
    Views:
    721
    wogers nemesis
    Jun 9, 2006
  5. LarryWestMCSD
    Replies:
    1
    Views:
    1,853
    Dark Matter
    Jan 27, 2007
Loading...

Share This Page