Crimeware
by Markus Jakobsson
RSS

Recent blog posts

How to build a better password: Be less predictable
When friendly 'from' names become enemies

How friendly email from names, smartphones, and social media create a perfect opportunity for social engineering scams.
Sarah Palin goes the way of Paris Hilton

Wednesday, it was reported that Sarah Palin's Yahoo account was hacked by a perpetrator wishing to find incriminating information in her …
What you always wanted to know about malware (but were afraid to ask)

Malware, like real-world epidemics, has the strange property that it does not only matter to your health how well protected you are, but …
Why no news is bad news -- at least when it comes to malware

Once upon a time, malware authors wrote code to infect thousands of machines for entertainment and intellectual stimulation. Today, it's …
Google Tech talk on Password Reset

In a recent post, I described the problems with password reset, and how current password reset questions can be attacked. Watch my recent …
What is worse than reusing passwords?

Think your password resets are secure? Think again. The city you grew up in and your mother's maiden name can be derived from public …
Forty-one million stolen credit cards is just the beginning

Federal prosecutors have charged 11 people with stealing 41 million credit cards, obtained by wardriving. The criminals drove around and …
Google knows who you are

Search engines and ISPs know who you are and where you've been. Phishers and advertisers do too. But can the average Joe learn this about …
Can you tell a good URL from a bad one?

Look at these three URLs: www.accountonline.com, www.democratic-party.us, www.wachovia.pin-update.com. Can you tell which (if any) …

How Herbert Thompson stole his friend's identity

By Markus Jakobsson

August 22, 2008, 1:27 PM — A recent Scientific American article describes how easy it is to steal somebody's identity. It uses blog entries, password reset mechanisms, and simple detective work. Make no mistake. You are not secure if you are not a blogger -- this is simply an account of what could be done.

Dr. Markus Jakobsson is a leading voice in advising on advancements in understanding phishing, crimeware and mobile security. He specializes in research around applied security, ranging from mobile malware detection to improved user interfaces. He is Principal Scientist at PayPal, and CTO/co-founder of FatSkunk, a San Diego based mobile malware startup. Dr. Jakobsson has authored numerous books and more than 100 peer-reviewed conference and journal articles. In 2012, he released two books: The Death of the Internet and Mobile Authentication: Problems and Solutions. He holds more than 50 patents and more than 100 pending patents.