Phishing Search Results (and lifehacking: yogurt, blinky lights, and checkerboard floors)

Internet crooks have started phishing search results — by buying search advertising and making the ad look like a legit search result. Search for “mtgox,” and the top “sponsored link” might contain the same phrasing as the real MtGox, only clicking on it sends you to mtpox.com.

Elegant? Not really. Probably going to confuse a few people? Sure. Covered by the usual anti-phishing lectures doled out to all and sundry computer neophytes? Definitely not.

A high-profile attack on MtGox might get spotted, Krebsed, and killed. An attack targeting people searching for their internal corporate web application’s login page? Probably not.

Tying this all together…

Guess what — people use search engines to find internal web application things all the time. Random users are a lot more likely to fall into the “big bold link = hey it’s probably official!” trap.
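One way a defender could check sponsored results for this trick, as an added example that is not part of the original post: compare each ad's final landing host against the domains you actually own and flag near-misses such as mtpox.com. The ad records, the `PROTECTED` set, the distance threshold and the function names are constructed assumptions, and hosts are compared whole (minus `www.`) rather than through the public suffix list.

```python
from urllib.parse import urlsplit

# Domains the defender owns; add internal login hosts here (assumption).
PROTECTED = {"mtgox.com"}

def edit_distance(a, b):
    """Levenshtein distance between two strings, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete from a
                           cur[j - 1] + 1,              # insert into a
                           prev[j - 1] + (ca != cb)))   # substitute
        prev = cur
    return prev[-1]

def host_of(url):
    """Lower-cased hostname of a URL or bare host, without a leading 'www.'."""
    host = urlsplit(url if "//" in url else "//" + url).hostname or ""
    return host.lower().removeprefix("www.")

def classify(display_url, landing_url, protected=PROTECTED, max_dist=2):
    """Label one ad by where it really lands, not by what it displays."""
    shown, landed = host_of(display_url), host_of(landing_url)
    if landed in protected:
        return "ok"
    if min(edit_distance(landed, p) for p in protected) <= max_dist:
        return "lookalike"            # e.g. one character off a real domain
    if shown in protected:
        return "display-mismatch"     # shows our name, lands elsewhere
    return "unrelated"

def flag_ads(ads):
    """Return (landing_url, label) for every ad that is not ok or unrelated."""
    labelled = [(landing, classify(shown, landing)) for shown, landing in ads]
    return [x for x in labelled if x[1] in ("lookalike", "display-mismatch")]

# Constructed sample: (displayed URL, final landing URL after ad redirects).
SAMPLE_ADS = [
    ("mtgox.com", "https://mtpox.com/"),
    ("www.mtgox.com", "https://www.mtgox.com/login"),
    ("mtgox.com", "http://example.net/landing"),
    ("example.org", "https://example.org/"),
]

if __name__ == "__main__":
    for landing, label in flag_ads(SAMPLE_ADS):
        print(label, landing)
```

The landing URL has to be the one reached after the search engine's own click-tracking redirect, since the link shown on hover is the engine's address rather than the destination.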

Lifehacking:

Yogurt — turns out changing gut bacteria by eating probiotics changes how you think. http://newsroom.ucla.edu/portal/ucla/changing-gut-bacteria-through-245617.aspx

Blinky lights and checkerboard floors — I was mulling over a link I’ve already covered in some detail (http://blog.saikoled.com/post/45760195354/generating-vivid-geometric-hallucinations-using-flicker) when I realized some things…

“Stimulation at 8-25Hz also works to excite the alpha oscillation. Even though this is twice the intrinsic frequency of the system, local patches of the brain are hypothesized to respond only to every-other oscillation cycle, effectively oscillating at alpha.”

So, movies have historically all been made at a 24 Hz (fps) refresh rate. This goes back to the advent of sound in film (before then it was 16 Hz). Every time a filmmaker dares to shoot or project faster than 24/25 Hz, a giant hue and cry rises up from the purists… “It looks like video!” I wonder if they’re actually lamenting the lack of alpha oscillations?

Since alpha waves are associated with suggestibility among many other things, it’s possible 24fps filming aids suspension of disbelief.

Also, take a look at the crazy diagrams illustrating the way the brain maps the visual field onto the cortex. Now look at a checkerboard floor: http://amithaverma.com/blog/tag/checkerboard-floor/

It seems to me that a checkerboard floor, no matter where you are on it, ought to produce more or less the same frequency in the visual cortex. (A checkerboard ceiling too, but those are less common, and we don’t look at ceilings nearly as much.)

I wonder if this would encourage the minds (or at least the visual cortexes) of people in the room to “get in sync.” If so, that would explain why the Egyptians, Romans, bar owners, discos, and barbershops — a social spot in their own right at one point — all liked to use them.

Going back to the holographic theory of memory, reliably producing a particular wavefront in the visual cortex might also serve to deepen the formation of memory and aid recall of memories formed in that room.

http://krebsonsecurity.com/2013/06/mtgox-phishing-campaign-hits-bing-yahoo/

“An active phishing campaign targeting account holders at popular Bitcoin exchange MtGox.com has hijacked the top search results at Bing and Yahoo.com, redirecting unwary clickers to mtpox.com, a look-alike domain and Web site that was registered on June 12, 2013, less than 24 hours ago.[…]

Hover over the search links returned in Yahoo.com after searching for “Mtgox” and you’ll see what appears to be a paid or perhaps sponsored search ad that lists a result for mtgox.com, although hovering over the link displays a long “yahoo.com” URL. The same is true when you currently search for “mtgox” on Bing.com: hovering over the returned link shows a bing.com address.

In the video above, entering any credentials at the fake “mtpox.com” site caused a site error, but when I tried it again a moment later, I was redirected to the real Mtgox.com.

Interestingly, it appears the phisher in this case simply copied and pasted the code from Mtgox.com; as shown in the video, hovering over either the username or password field on mtpox.com produces the same warning present on mtgox.com — a message advising visitors to check for the green “extended validation” or EV browser certificate in the URL address bar.”
