Re: Worst Phishing Fraud Attack Ever! 40 Million Cards Affected

Why is this "phishing"? The reports indicate that it was an intrusion into a single business's computers, not a phishing attack in which people are tricked into giving their identifying information to an impostor.

And I don't see anything in the reports to indicate that it has anything particularly to do with the Internet. Does it?

[TELECOM Digest Editor's Note: The word 'phishing' may have not been the best way of phrasing things. As I understand what happened (and they are being sort of tight lipped about it) the perpetrator(s) installed some sort of 'back door' into the software to deliberatly capture the card numbers and other details. 'Traditional phishing' -- if we can use that term -- does generally refer to social engineering done manually, case by case. I put up a phony web page and trick you into revealing those same details. On the other hand, 'traditional hacking' usually refers to brute force removal of the desired data or manipulation of same, no password required. What terms should be used when there is a case of 'social engineering' where a computer 'trusts' that what it is doing is what it _should_ be doing, i.e. a back door built in by someone, and the computer goes right along innocently doing its thing? And what term should apply when instead of 'traditional phishing' (one person after another being tricked) the phisherman grows impatient and decides to get them all in one swoop by posing as a delivery person and tricking the one person (let's call him the 'master data collector' [who is honest]) into giving up his hoard? I honestly suspect that is what happened in the one case last week with the 'missing UPS' shipment. Neither UPS nor the employee-in-the-trick-bag is willing to admit it; some fool in the proper-looking uniform socially engineered the 'master data collector' into turning over his hoard of lawfully collected data. We probably need new common-names for all this deviant behavior; 'phisher', 'cracker' and 'hacker' are just not enough any longer. PAT]
Reply to
mc
Loading thread data ...

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.