Not all browser nets can catch the same phish. One Friday evening, just before I wanted to go home, I received an interesting email.
It contained sentences like “ We recently reviewed your account, and suspect that your PayPal account
may have been accessed by an unauthorized third party” and words like “protected“, “security” and “unauthorized“. Of course, at the end of the email, there were directions to click on a “Paypal” link to update information like login name and password.
In 2010, AVAST noticed that the majority of malware infections were occurring via infected websites, rather than from malicious email, which had previously been the main culprit.
But good criminals go where they are least expected.
A couple weeks ago I posted an example of a type of phishing email that I’ve since learned is called ‘vishing‘, as it uses voice (VoIP, telephone) as an agent in the scam process. (It reminds me of a public payphone I had to use in Mexico about 10 years ago, which billed me something around $80 for a five-minute call.) Read more…