You can be whatever you want to be on the Internet -- even if you want to be Citibank.
A recent flood of fake Citibank e-mail messages demonstrates the growing arsenal of technical and psychological tricks that online tricksters, called phishers, are using to get people to divulge personal information.
Hackers first coined the term "phishing" in the mid-1990s to refer to the art of stealing America Online accounts. But e-mail messages collected by the Anti-Phishing Working Group, an industry association, show that phishers are now going where the money is. In the group's June report, the most recent available, it said it had seen 492 different mass-mailings intended to fool Citibank customers. That compared with 285 aimed at eBay users.
The messages, and the fake Web sites they direct recipients to, are loaded with tricks that in some cases circumvent the tips once given to consumers about how to avoid online fraud. For example, one trick masks the address bar in the Web browser to conceal the true address of the site. And in the past year or so, senders have learned a new technique: Proper spelling and grammar.
"It's survival of the fittest," said Jon Oliver, chief messaging security officer at MailFrontier, a maker of spam- and fraud-fighting software.
One fake Citibank message managed to impress a specialist in online marketing. "From a marketer's point of view -- and I'm pretty brand-conscious -- it struck me as being realistic," said Lawrence Hefler, vice president of e-business and strategic alliances at Hilton Grand Vacations and the chairman of the Direct Marketing Association's Internet committee.
"The hot buttons are there," he added. "Clearly people are very conscious of privacy, but because of that consciousness they're aware of the identity theft issue, and that's the first thing they talk about in the e-mail."
A Citibank spokesman listed a number of steps the bank is taking to fight the scams, including educating customers, but he declined to discuss how much damage the scams had done.
Big Internet companies are trying to plug some of the larger security holes exploited by phishers and spammers -- for example, the ease with which the return address on a message can be faked. Microsoft has been trying to win support for a Sender ID system that could spot messages sent from machines that were not authorized to use a domain name like citibank.com in return addresses.
RETHINK? The defense ministry and Navy Command Headquarters could take over the indigenous submarine project and change its production timeline, a source said Admiral Huang Shu-kuang’s (黃曙光) resignation as head of the Indigenous Submarine Program and as a member of the National Security Council could affect the production of submarines, a source said yesterday. Huang in a statement last night said he had decided to resign due to national security concerns while expressing the hope that it would put a stop to political wrangling that only undermines the advancement of the nation’s defense capabilities. Taiwan People’s Party Legislator Vivian Huang (黃珊珊) yesterday said that the admiral, her older brother, felt it was time for him to step down and that he had completed what he
Taiwan has experienced its most significant improvement in the QS World University Rankings by Subject, data provided on Sunday by international higher education analyst Quacquarelli Symonds (QS) showed. Compared with last year’s edition of the rankings, which measure academic excellence and influence, Taiwanese universities made great improvements in the H Index metric, which evaluates research productivity and its impact, with a notable 30 percent increase overall, QS said. Taiwanese universities also made notable progress in the Citations per Paper metric, which measures the impact of research, achieving a 13 percent increase. Taiwanese universities gained 10 percent in Academic Reputation, but declined 18 percent
UNDER DISCUSSION: The combatant command would integrate fast attack boat and anti-ship missile groups to defend waters closest to the coastline, a source said The military could establish a new combatant command as early as 2026, which would be tasked with defending Taiwan’s territorial waters 24 nautical miles (44.4km) from the nation’s coastline, a source familiar with the matter said yesterday. The new command, which would fall under the Naval Command Headquarters, would be led by a vice admiral and integrate existing fast attack boat and anti-ship missile groups, along with the Naval Maritime Surveillance and Reconnaissance Command, said the source, who asked to remain anonymous. It could be launched by 2026, but details are being discussed and no final timetable has been announced, the source
CHINA REACTS: The patrol and reconnaissance plane ‘transited the Taiwan Strait in international airspace,’ the 7th Fleet said, while Taipei said it saw nothing unusual The US 7th Fleet yesterday said that a US Navy P-8A Poseidon flew through the Taiwan Strait, a day after US and Chinese defense heads held their first talks since November 2022 in an effort to reduce regional tensions. The patrol and reconnaissance plane “transited the Taiwan Strait in international airspace,” the 7th Fleet said in a news release. “By operating within the Taiwan Strait in accordance with international law, the United States upholds the navigational rights and freedoms of all nations.” In a separate statement, the Ministry of National Defense said that it monitored nearby waters and airspace as the aircraft