Phat Phishing Pharming Phreakin Pho
January 13th, 2007
RSA announced this week that it had uncovered a universal man-in-the-middle kit that anyone can use to create more advanced and elaborate spoof sites than the plain old one-page spoof site. While phishing kits are not a new thing, this one is a bit more interesting because it is universal, so it can be used to create simple spoof sites of whatever site the attacker wants to target, e.g. eBay, PayPal, BofA, etc.
There are a number of ways you can protect yourself from these types of attacks, most of which are common sense, but people get phished every day by these unsophisticated social engineering attacks:
1. Install a security suite on your computer. I have not identified the best security suite out there yet, but just have something that includes: Firewall, AntiVirus, AntiSpyware, AntiWussy, and AntiGettingFatInTheAss. Remember that the top two AV software suites (Symantec, McAfee) are used as the standard testing basis for hackers and therefore may not be the best choices.
2. Do not click on links in emails without analyzing the links first. For n00bs, just don’t click on links in emails.
3. Look for grammatical and spelling errors in emails and on spoof sites. As intelligent as some hackers might be, they will never be smart enough for the intricacies of the cryptic English language.
4. Run scans on your computer regularly to make sure there’s no malware on your system. Malware includes some serious processes that run on your computer, such as keyloggers, trojans, etc.
5. Don’t use your computer because you will get hacked regardless of what I am telling you to do.