"some of which rely on exploiting confusing about a bank's genuine online location" (sic)
Just saying, you can't put in a sic erat scriptum on the hackers imperfect English and then type bad English yourself.
Anon hackers have been caught boasting about defacing a counterfeit Yorkshire Bank website. Hacktivist crew Anon Ghost earned coverage on underground security blogs for defacing “Yorkshire Bank, one of the largest United Kingdom bank (sic)”. However, the hackers actually hit "ybs-bank.com", a Malaysian imitation of the real …
"some of which rely on exploiting confusing about a bank's genuine online location" (sic)
Just saying, you can't put in a sic erat scriptum on the hackers [sic erat scriptum] imperfect English and then type bad English yourself.
........................................................
Just saying, you can't put in a sic erat scriptum on the <bold>hacker's</bold> imperfect English and then type bad English yourself.
Or, alternately, hackers' if you think there exist more than one.
:-)
...Cirdan...
Though its about time a new word other than "hacker" was used , since they're nothing more than online vandals using tools written by other people. They wouldn't recognise a proper hack if it slapped them around the face with a copy of the dummies guide to hacking.
'Hack' is such an overused word in the Press anyway.
You might say that "Hacks* hack** vandals as 'hackers'***, hacking**** at true hacker's***** reputation, because they can't hack****** proper journalism."
Now if you'll excuse me, I seem to be suddenly suffering a dry cough.
*Hack - A Hack is a colloquial and usually pejorative term used to refer to a writer who is paid to write low-quality, rushed articles or books "to order", often with a short deadline.
**Hack - Sudden noisy expulsion of air from lungs.
***Hacker - Common hack* press term used to describe someone who seeks and exploits weaknesses in a computer system or computer network.
****Hack - To cut, notch, slice, chop, or sever.
*****Hacker - One who combines excellence, playfulness, cleverness and exploration in performed activities.
******Hack - Slang sense of "cope with" (such as in can't hack it)
There's just so much to laugh at here.
There's the fact that they did it. Then there's the much funnier fact that they bragged about it. But the biggest laugh is that when it boils down to it these berks consider themselves more tech savvy than the rest of us, but got conned by a half arsed phishing scam that was years out of date.
FAIL just isn't a big enough word. We need a new one.
"The whole incident illustrates the difficulty banks face in identifying and seeking the takedown of counterfeit sites, some of which rely on exploiting confusing about a bank's genuine online location."
Sometimes there is "confusing" about a bank's genuine online location within the bank's own staff (or external marketing bods).
Take Natwest, for example.
A client company uses Natwest Bankline, and I also have access to it.
I usually log into it by visiting www.natwest.com, clicking on the "Business" tab, then on the link for Bankline. From the moment I click on the "Business" tab I am on the subdomain www.business.natwest.com, and remain on that domain while logged into Bankline.
I always assumed that it was the same for the client. However, sometime last year he had trouble reaching the bank, and asked me to look at his computer, wondering if there was something wrong with it.
It turned out that he was typing Natwest into Google, and following the first link - which was to www.nwolb.com - and my first thought, because I didn't recognise the domain as being Natwest's own, was that he'd found himself on a phishing site.
It turns out I was wrong, and nwolb.com is genuinely one of Natwest's domains, but I got a bit ranty about it. In my view, banks are not helping when people fall for phishing scams if their online presence isn't sitting on a straightforward domain that doesn't so much include the bank's name, but rather is their name. Natwest's online presence should be on natwest.com (and other TLDs), HSBC's online presence should be on hsbc.com (and other TLDs), etc.
I commented about this, amongst other places, on Twitter.
The reply I got from the Natwest Business Twitter bod(s)? Something like "natwest.com is our product information website, nwolb.com is for online banking."
I pointed out that I access their online banking via natwest.com (adding that they'd missed the point anyway).
Didn't get a reply.
As for the computer, it was just having a bad hair day.
I don't see why this was actually unintentional. The "we're watching you" quote sounds like intentional to me; as if they actually wanted to target the phishers themselves. The Owned and Exposed group is notorious for going after malware and credit card fraudsters as well, is this also unintentional?