{"id":303,"date":"2005-03-09T21:54:45","date_gmt":"2005-03-09T19:54:45","guid":{"rendered":"http:\/\/www.greenman.co.za\/wordpress\/?p=303"},"modified":"2005-03-09T21:54:45","modified_gmt":"2005-03-09T19:54:45","slug":"20twenty-ripe-for-phishing-attack","status":"publish","type":"post","link":"https:\/\/www.greenman.co.za\/blog\/?p=303","title":{"rendered":"20Twenty ripe for phishing attack?"},"content":{"rendered":"<p>Apparently, <a href=\"http:\/\/www.standardbank.co.za\">Standard Bank<\/a> has recently closed down 8 <a href=\"http:\/\/en.wikipedia.org\/wiki\/Phishing\">phishing<\/a> sites in the last 4 weeks (according to <a href=\"http:\/\/www.itweb.co.za\/sections\/internet\/2005\/0503091130.asp?A=EBU&amp;S=e-Business&amp;O=E&amp;CiRestriction=\">an ITWeb article<\/a>). Not surprising that South African banks are being targeted. With clients of Citibank and other popular US banks now either aware of the practice, or penniless after having been cleaned out, the phishers need to move on. And what better place than South Africa, a country where phishing attacks have been relatively rare.<\/p>\n<p>Phishers commonly use URL&#8217;s that are very similar to the original URL, for example standbank.com instead of standardbank.com. I&#8217;d imagine mispellings such as standerdbank.com would also be popular, if available.<\/p>\n<p>But that got me thinking. There&#8217;s one bank that I, as a client, have mispelled so many times it&#8217;s surely ripe for an attack. Yup, it&#8217;s <em>twentytwenty<\/em>. I mean <em>twenty20<\/em>. Or is that <em>20twenty<\/em>? And is it .co.za or .com?<\/p>\n<p>The good news is that in the co.za domain, all the &#8216;wrong&#8217; URL&#8217;s are currently taken. Two by 20Twenty themselves &#8211; <a href=\"http:\/\/www.20twenty.co.za\">20twenty.co.za<\/a> and <a href=\"http:\/\/www.twentytwenty.co.za\">twentytwenty.co.za<\/a> both redirect to the correct domain, <a href=\"http:\/\/www.20twenty.com\">20twenty.com<\/a>. The other option, <a href=\"http:\/\/www.twenty20.co.za\">twenty20.co.za<\/a>, takes you to the rather sad and outdated website of one Twenty20 web studio. In the .com world, <a href=\"http:\/\/www.twentytwenty.com\">twentytwenty.com<\/a> takes you to a cybersquatting search engine of sorts, that seems to be populated by nothing but Google ads, while <a href=\"http:\/\/www.twenty20.com\">twenty20.com<\/a> redirects you to Radiant Systems, offering Point of Sale devices of Self-service kiosks.<\/p>\n<p>If any of these domains became available, or the owners decided to branch out into a new line of business, I&#8217;m sure 20Twenty would be a relatively easy target. Perhaps now&#8217;s the time that 20Twenty, flush (I would guess) with funds from its new backer, can start on an education campaign for its clients, before it&#8217;s too late. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>Apparently, Standard Bank has recently closed down 8 phishing sites in the last 4 weeks (according to an ITWeb article). Not surprising that South African banks are being targeted. With clients of Citibank and other popular US banks now either aware of the practice, or penniless after having been cleaned out, the phishers need to&hellip; <a class=\"more-link\" href=\"https:\/\/www.greenman.co.za\/blog\/?p=303\">Continue reading <span class=\"screen-reader-text\">20Twenty ripe for phishing attack?<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[7],"tags":[],"class_list":["post-303","post","type-post","status-publish","format-standard","hentry","category-metal-technical","entry"],"_links":{"self":[{"href":"https:\/\/www.greenman.co.za\/blog\/index.php?rest_route=\/wp\/v2\/posts\/303","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.greenman.co.za\/blog\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.greenman.co.za\/blog\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.greenman.co.za\/blog\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.greenman.co.za\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=303"}],"version-history":[{"count":0,"href":"https:\/\/www.greenman.co.za\/blog\/index.php?rest_route=\/wp\/v2\/posts\/303\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.greenman.co.za\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=303"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.greenman.co.za\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=303"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.greenman.co.za\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=303"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}