I noticed a recent uptick in e-mail spam that looks like Linked-In invitations. When I received the first such message I actually opened it and looked to see if I recognized the person soliciting the connection. When that message was followed by the flood of variations characteristic of other spam campaigns, I stopped reading them. While I am sure that my spam filter will eventually learn to remove such messages, there is, in fact, a better way to handle such situations. In fact, there’s app for that.<\/p>\n
This is not a plug for the Linked-In iPhone app; it’s a nice app, but nothing extra-ordinary. Rather, this episode of receiving spoofed e-mails made me think that apps installed through a vetted channel may offer an effective mechanism to avoid phishing attacks. Each app communicates with the service provider through its private connection, reducing the likelihood that someone will be able to intervene in that communication.<\/p>\n
Since many phishing attacks attempt to get people to sign into faked bank accounts, I wonder if that industry could be made more secure through dedicated apps. Taking this one step further, might it not make sense for banks to distribute their own client software through which customers could transact business instead of using the browser which is much more susceptible to phishing and other exploits?<\/p>\n
Of course this solution is not a panacea: Man-in-the-middle attacks are still possible through compromised wifi networks, and the physical security of the device would need to be guarded better. Nonetheless, these other forms of attack seem considerably more involved and more expensive compared to sending out mass e-mails.<\/p>\n","protected":false},"excerpt":{"rendered":"
I noticed a recent uptick in e-mail spam that looks like Linked-In invitations. When I received the first such message I actually opened it and looked to see if I recognized the person soliciting the connection. When that message was followed by the flood of variations characteristic of other spam campaigns, I stopped reading them. […]<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[110],"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/blog.fxpal.net\/index.php?rest_route=\/wp\/v2\/posts\/4428"}],"collection":[{"href":"https:\/\/blog.fxpal.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.fxpal.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.fxpal.net\/index.php?rest_route=\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.fxpal.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=4428"}],"version-history":[{"count":2,"href":"https:\/\/blog.fxpal.net\/index.php?rest_route=\/wp\/v2\/posts\/4428\/revisions"}],"predecessor-version":[{"id":4430,"href":"https:\/\/blog.fxpal.net\/index.php?rest_route=\/wp\/v2\/posts\/4428\/revisions\/4430"}],"wp:attachment":[{"href":"https:\/\/blog.fxpal.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=4428"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.fxpal.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=4428"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.fxpal.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=4428"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}