Wifiphisher is a security tool that mounts fast automated phishing attacks against WPA networks in order to obtain the secret passphrase. It is a social engineering attack that unlike other methods it does not include any brute forcing. It is an easy way for obtaining WPA credentials.

In the search for new ways to bypass spam filters, attackers are developing new methods of delivering their messages. This year, they made active use of various Google services, as well as popular social networks and video hosting sites.

Mikalai Mardakhayeu, a Belarusian national residing in Nantucket, Mass., was arrested Wednesday night and charged for his alleged participation in an international online “phishing” scheme to steal income tax refunds intended for U.S. taxpayers around the country.

Representational picture

San Francisco: Facebook has announced a new tool for website owners and developers that will alert them about phishing attacks on their platforms. "We are extending the capabilities of our 'Certificate Transparency Monitoring' tool to make it easier for developers to learn about new domains that are maliciously created to implement phishing attacks," security engineer David Huang and software engineers Bartosz Niemczura and Amy Xu said in a blog post late on Wednesday.

Phishing websites try to trick people into revealing their passwords, credit card numbers, or other sensitive information.

The tool, announced during the F8 annual developer conference in San Jose, alerts website owners of these scams so that they can take action to protect their domain and the people who use their websites.

"Certificate Transparency Logs" are designed to keep a record of all valid security certificates issued by publicly-trusted Certificate Authorities.

"We have been using these logs to monitor certificates issued for domains owned by Facebook and have created tools to help developers take advantage of the same approach," the post said.

Using these tools, developers can learn about certificates that are mis-issued for the domains they control.

"We are extending the capabilities of our tool to send alerts when certificates are issued for potential phishing domains," the post added.

Catch up on all the latest Crime, National, International and Hatke news here. Also download the new mid-day Android and iOS apps to get latest updates

This story has been sourced from a third party syndicated feed, agencies. Mid-day accepts no responsibility or liability for its dependability, trustworthiness, reliability and data of the text. Mid-day management/mid-day.com reserves the sole right to alter, delete or remove (without notice) the content in its absolute discretion for any reason whatsoever

Phishing scams are getting more and more sophisticated, to the point where they’re fooling even security experts. Here's how to avoid them.

Separately GST Network, the company handling the technology backbone for Goods and Services Tax, cautioned against a fraud website onlinefilingindia.in asking taxpayers not to reveal personal and bank details.