Despite spam filters generally being pretty good these days, phishing remains a serious problem for corporate IT administrators the world over.  A survey conducted last year revealed that over half of respondants believed that their corporate networks had been the target of a spear phishing attack. Spear phishing differs from the more traditional phishing...

I’ve recently switched bank accounts to Alliance & Leicester and activated my card today. After it was activated the call operator tried to sell me ID theft insurance.

I couldn’t help but chuckle at the irony of someone who it is impossible for me to verify was actually from Alliance & Leicester, and who had just secured a wide range of my personal information in order to activate my card, was now trying to sell me insurance against someone stealing my ID.

Far be it from me to advocate phishing or ID theft in anyway, but it would seem much easier to send out fake letters with a fake telephone line than it would be to set up a fake website.

At least with a website you can judge fairly accurately that the site you’re on is in fact an official one. How can you do the same with a telephone number?