Sunday, June 18, 2006


George W. Bush is trying to give us the illusion of safety in trade for allowing him to violate international treaties, our own Constitution, and the laws and judgments of our own government.

Some prices are just too high, no matter how much you may want the prize. The one thing you cannot trade for your heart's desire is your heart.
      ---Miles Vorkosigan, Memory

Wednesday, June 14, 2006

Your Federal Reserve Bank account has been accessed!

Phishing is an ever-growing problem. Even if you realize the website to which you are directed is not the one from your bank, you are still vulnerable to a number of things.

  • The most common vulnerability, of course, is entering your username and password. The phisher now has that, and can access your account(s) at will.
  • You can, and often do, get cookies containing malicious code from these phishing websites. Since most sites require you to be able to have cookies enabled to be able to use the site, most people accept most cookies. Most are harmless marketing tools. Those few that aren't, however, can contain software called "key loggers," that logs all keystrokes you make and then forwards them to the phisher. This means every time you type in your username and password, the phisher gets it. For every account you access. Personally, I delete my cookies once a day, and more often if I've gone to a web store to buy something. If I get popups, I very definitely delete my cookies. Most are harmless, but I can't tell which are which. And don't want to take the time to learn.
  • And since Microsoft makes its software so very helpful, Internet Explorer will easily accept what is called a "browser helper object," to help make your browsing experience friendly and helpful. Your Yahoo or Google browser bar is a browser helper object, one you chose to add. And Yahoo and Google want to continue to have your business, so they aren't going to do anything to ruin their reputations. Going to the wrong website and clicking on the wrong thing will get you malicious, possibly invisible BHOs. Your virus software often does not catch these. Try searching for "spyware removal" software, which can get rid of most of these. I spent two weeks and several phone calls working with spyware removal companies, to find one such. The hackers had changed its name and changed where it was saved on the system. I found it, finally, and reported it.

I have a list of email addresses from various companies I forward phishing email to. ("Your Citi account has been violated!" yeah right.) The two you will find most useful are:

Just so you know, the Federal Reserve Bank doesn't have individual accounts.