Tracking the Password Thieves 112
wiredog writes "From The Washington Post, yet another story about phishers, keyloggers, and viruses. The story is nothing new, but the author has a blog where he describes how he gathered the information that went into the story. Information including the locations of the victims, and the ISPs likeliest to be hit.
Some of the victims included "an engineer for the Architect of the Capitol" and a man who "works in computer security for IBM." One victim "was fresh out of college, where he'd just earned a degree in information security. (He was actively looking for a job in the field; I suggested he may want to go back to the classroom.)" A compromised machine was also found in "the new accounts department at Bank of America" (Score!)"
AOL is at the bottom of the list (Score:3, Interesting)
Poison their lists (Score:3, Interesting)
When the poison credentials are used by the phisher the targeted corp should use their source ip and browser fingerprints help identify other compromised accounts logged in from the same source. Places like banks and pay-pal could also this information to freeze compromised accounts more quickly.
Re:A list could be good (Score:4, Interesting)
I've often thought of generating some kind of unique e-mail address for each of my friends, to detect if my e-mail address has been compromised by them (or their PC). e.g:
asdf2344ks@gmail.com for my emails to Tom
oieo116i2k@gmail.com for my emails to Liz
The idea is they reply to that address, and mail to these addresses would aggregate to my inbox. If one of those email addresses starts to get spammed, I'll have an idea of who's responsible, change the address for them and see if it continues. After it happening a couple of times I could inform them that they may have a compromised computer and help them out etc.
I just dont have the time to implement such a scheme and rely on Gmails spam filtering which i think is pretty good.