Friday, December 12, 2003
Internet Explorer Vulnerability
Ah, the joys of the internet and Microsoft. A number of things are interesting about this
What would you do if you were approached in the pub every evening and asked if you'd like to help pinch cars? You'd (hopefully) pass the information on the the police that people out there were plannnig crimes and expect some action from them. So why are we happy to simply tag the email as spam and delete it, often with a wry smile? It's a serious issue and deserves some proper attention. The law passed yesterday is a start - but a poor one.
Ah, the joys of the internet and Microsoft. A number of things are interesting about this
- Why do users constantly fall for this type of scam? Answer: because there are still a lot of internet users who are not savvy to the ways of the Internet world. However, they would be rightly suspicious if some anonymous person purporting to be from their bank rang them up and asked for their account details and PIN codes - so why assume that a bank will email you and ask for the same things. Solution: if it's urgent, the bank will write. See also the ZDNet news story on Bank scams. As one of our TA's (Mark Roberts) succinctly puts it
If you ever go to a secure site you should (until MS patch the problem) go to the file menu and click on Properties. In the Address field you will see the full address listed. If you see a @ character with anything after it then your are being tricked. In general, you shouldn't follow any links to banking or other secure sites. Get them bookmarked and you won't be at risk from following a dodgy link.
- Why is it that Microsoft decided not to print the whole URL in the toolbar? I imagine that this was actually a conscious decision, and is very strange
- The savvy internet users are now faced with an interesting dilemma - there is a much greater distrust of information appearing in their inboxes than there ever was, as scams proliferate. I'd be interested to try and study the amount of rubbish on the net compared to the good stuff and compare it to a few years ago. I bet it's a lot worse.
- We need to fight back much more vigorously with the legal tools at our disposal, and the government needs to focus some resources on combatting fraud that is hitting the most vulnerable, and hitting them hard. Estimates are that Internet fraud cost the US citizens around £35million in 2002, and my view is that growth is likely to be similar for 2003, probably exceeding £100million.
What would you do if you were approached in the pub every evening and asked if you'd like to help pinch cars? You'd (hopefully) pass the information on the the police that people out there were plannnig crimes and expect some action from them. So why are we happy to simply tag the email as spam and delete it, often with a wry smile? It's a serious issue and deserves some proper attention. The law passed yesterday is a start - but a poor one.
(c) 2003-2005 Russell Beale
Atom
RSS