Phish, phish

The latest round of phishing scams to target New Zealand banks has arrived at National Bank; it will be interesting to see how they deal with it.

Phishing is really just a subset of old social engineering hacks; people tend to get blinded by the technological aspect (ooh, the shiny IntarWeb!) and ignore the fact that it’s a user education problem; for a concrete example of this, a person claiming to be a bank customer services rep rung a friend of mine a couple of months ago and offered her credit card insurance - and wanted her credit card details so she could help her buy it. Fortunately said friend is far too savvy to hand them over, pointing out a CSR should have them already. But I’m sure more than a few people would.