UK Consumers Lose Faith in ‘Phished’ Brands


It seems Phishing is have effects in ways that weren’t originally obvious, it comes back to the same topic we generally discuss here when it comes to security and consumers.

IGNORANCE.

Someone consumers see a Phishing attempt from ‘Brand X‘ as a negative against that brand…even though it has absolutely nothing to do with the brand and there’s nothing they can do to control it.

Email phishing attacks tarnish the reputations of targeted firms, according to a new UK survey. Two in five UK adults (42 per cent) quizzed feel that their trust in a brand would be “greatly reduced” if they received a phishing email purporting to represent it.

Despite this, the majority of respondents to YouGov’s online survey reckon the responsibility for protection against phishing attacks lies with ISPs and individuals themselves, rather than the brands targeted by fraudulent emails.

One in four (26 per cent) of 1,960 adults surveyed reckon the main responsibility for protecting against phishing attacks lies with themselves, with a similar percentage (23 per cent) responding that their ISP ought to bear the brunt of filtering spam emails. A further (17 per cent) think the sender’s ISP and email service provider holds the greatest responsibility in combating scam emails.

Pretty sad news for any big brands, and how did people work out it’s the ISP’s responsibility? If you are careful with your e-mail address and responsible about using it (or at least maintain segregated and throw-away accounts) you shouldn’t have any problems anyway.

Plus believing Phishing e-mails? Sometimes I lose faith in the human race.

The YouGov phishing survey was sponsored by anti-spam firm Cloudmark, which reports that .uk domains are the single most common target of phishing attack across Europe.

Security experts at ISPs said it was unfair for consumers to hold the targets of attacks responsible for the crud hitting their inboxes.

“Whilst awareness to the problem is essential, it is unrealistic to expect businesses to be able to secure themselves fully against such sophisticated criminal activities. The increasingly dynamic and transient nature of the latest threats requires a combination of desktop protection at the client level, and accurate message filtering from ISPs,” said Nigel Stevens, product director at THUS.

Oh well I guess we just have to keep educating, talking, discussing and teaching. There’s nothing much else we can do to combat misconceptions and public opinion.

Source: The Register

Posted in: Phishing, Spammers & Scammers

, , ,


Latest Posts:


Arcane - Tool To Backdoor iOS Packages (iPhone ARM) Arcane – Tool To Backdoor iOS Packages (iPhone ARM)
Arcane is a simple script tool to backdoor iOS packages (iPhone ARM) and create the necessary resources for APT repositories.
SharpHose - Asynchronous Password Spraying Tool SharpHose – Asynchronous Password Spraying Tool
SharpHose is an asynchronous password spraying tool in C# for Windows environments that takes into consideration fine-grained password policies and can be run over Cobalt Strike's execute-assembly.
Axiom - Pen-Testing Server For Collecting Bug Bounties Axiom – Pen-Testing Server For Collecting Bug Bounties
Project Axiom is a set of utilities for managing a small dynamic infrastructure setup for bug bounty, basically a pen-testing server out of the box with 1-line.
Quasar RAT - Windows Remote Administration Tool Quasar RAT – Windows Remote Administration Tool
Quasar is a fast and light-weight Windows remote administration tool coded in C#. Used for user support through day-to-day administrative work to monitoring.
Pingcastle - Active Directory Security Assessment Tool Pingcastle – Active Directory Security Assessment Tool
PingCastle is a Active Directory Security Assessment Tool designed to quickly assess the Active Directory security level based on a risk and maturity framework.
Second Order - Subdomain Takeover Scanner Tool Second Order – Subdomain Takeover Scanner Tool
Second Order Subdomain Takeover Scanner Tool scans web apps for second-order subdomain takeover by crawling the application and collecting URLs (and other data)


4 Responses to UK Consumers Lose Faith in ‘Phished’ Brands

  1. Nobody_Holme November 27, 2007 at 12:55 pm #

    “Sometimes I lose faith in the human race”

    I lost that a long time ago… But throwaways arent a perfect solution. I’m careful and use them, and only give my real email to people i trust, but I’m still on two of the spam lists…

    I do have to mention, some companies are no help, if theres a rash of phishing going round using their name, they should at least contact their customers.
    I got hit with a very very convincing one from paypal… which i dont use… so i emailed their customer support suggesting that they mention about it… and got told to fuck off, although it took them about 100 words.
    I’m not saying that the whole problem is their fault, but they should at least do their bit, after all, if their customers get all their money taken, they’ve got nobody to buy their stuff.

  2. Pantagruel November 27, 2007 at 3:03 pm #

    “Oh well I guess we just have to keep educating, talking, discussing and teaching. There

  3. dirty November 27, 2007 at 5:18 pm #

    I think this goes to show how truly uneducated most people on the internet are. I agree that the companies should be doing there part to negate these phising sites but it really comes down to the end users clicking and typing.

    When I was reading this it made me do one of those wide eyed head shaking double takes at the screen. I agree with you Pantagruel, there is no patch for human stupidity.

    ahhhhhhhhhhhhhhh!

  4. Goodpeople November 30, 2007 at 11:53 am #

    Well, I sort of understand why people react this way. When a company’s name is being abused in a fishing attack and the new spreads, people will start to associate that company’s name with “danger”.

    The prase “Something fishy going down”. comes to mind. Sorry for the lame attempt of humor.

    I don’t think it’s stupid. You can’t really blame people. But sooner or later they’ll realise that every company will become a taget sometime and that they just can’t keep avoiding it.