Citing cybercrime, FBI director doesn't bank online
IDG News Service - The head of the FBI has stopped banking online after nearly falling for a phishing attempt.
FBI Director Robert Mueller said he recently came "just a few clicks away from falling into a classic Internet phishing scam" after receiving an e-mail that appeared to be from his bank.
"It looked pretty legitimate," Mueller said Wednesday in a speech at San Francisco's Commonwealth Club. "They had mimicked the e-mails that the bank would ordinarily send out to its customers; they'd mimicked them very well."
In phishing scams, criminals send spam e-mails to their victims, hoping to trick them into entering sensitive information such as usernames and passwords at fake Web sites.
Though he stopped before handing over any sensitive information, the incident put an end to Mueller's online banking.
"After changing our passwords, I tried to pass the incident off to my wife ... as a teachable moment," he said. "To which she deftly replied, 'Well, it is not my teachable moment. However, it is our money. No more Internet banking for you."
Mueller said he considers online banking "very safe" but that "just in my household, we don't use it."
Phishing has evolved into a big problem, not just for banks, but for online retailers and even providers of consumer Web applications such as Facebook and Yahoo.
In June -- the latest month for which figures are available -- the Anti-Phishing Working Group counted nearly 50,000 active phishing Web sites, the second-highest number it has ever recorded.
Late last week, criminals posted tens of thousands of passwords belonging to Microsoft Live Hotmail, Gmail, and Yahoo accounts online. They are all thought to have been stolen via phishing.
Mueller's FBI has had some success in going after phishers. On Wednesday it announced it had arrested 33 people in the U.S. in connection with an international phishing operation. Egyptian authorities have charged 47 in connection with the same scam.
"They targeted American financial institutions and also approximately 5,000 American citizens here in the United States," Mueller said. Dubbed Operation Phish Phry, "it is the largest international phishing case ever conducted," he added.
"Far too little attention has been paid to cyber threats and their consequences," Mueller said. "Intruders are reaching into our networks every day looking for valuable information. Unfortunately they're finding it. "
This pilot fish is a contractor at a military base, working on some very cool fire-control systems for tanks. But when he spots something obviously wrong during a live-fire test, he can't get the firing-range commander's attention.
- IT Certification Study Tips
- Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.
- Reduce federal infrastructure risk with compliance management and situational awareness
- IBM continuous monitoring and management solutions deliver real-time situational awareness to help federal agencies understand vulnerabilities, and protect the infrastructure.
- How Four Citrix Customers Solved the Enterprise Mobility Challenge
- Managing mobile devices, data and all types of apps-Windows, datacenter, web and native mobile- through a single solution.
- 8 Steps to Fill the Mobile Enterprise Application Gap
- Traveling executives and Millennials alike expect to communicate, collaborate and access their important work applications and data from anywhere on whatever device they...
- Seattle Children's Accelerates Citrix Login Times by 500% with Cross-Tier Insight
- Seattle Children's is a leading research hospital with a large and growing Citrix XenDesktop deployment. With ExtraHop, the IT team at Seattle Children's...
- McKesson Makes Application Hosting for Hospitals Faster, More Efficient
- With ExtraHop, McKesson identified the root cause of slow Citrix XenApp application launches and adopted a more intelligent, proactive IT operations model that... All Government IT White Papers
- Keep Servers Up and Running and Attackers in the Dark An SSL/TLS handshake requires at least 10 times more processing power on a server than on the client. SSL renegotiation attacks can readily...
- On Demand: Mastering the Art of Mobile Content Management Mobile device usage in the enterprise has skyrocketed, and it continues to escalate. IT must answer to users who demand access to their...
- DevOps with PureApplication System: Reduce cost and speed delivery with an integrated IBM Cloud solution Join this webcast to hear what ING Netherlands has been able to achieve while deploying DevOps tools from IBM Rational. An ING executive...
- NSS Labs & Cisco Present: Evaluating Leading Breach Detection Systems Today's constantly evolving advanced malware and APTs can evade point-in-time defenses to penetrate networks. Security professionals must evolve their strategy in lockstep to...
- Will the Real Endpoint Threat Detection and Response Please Stand Up? This webinar explores new technologies & process for protecting endpoints from advanced attackers as well as the innovations that are pushing the envelope...
- All Government IT Webcasts