Kaspersky Internet Security doesn't like the SOTT blogs...

mada85

mada85

The Cosmic Force
I was unable to access SoTT earlier today, so I went over to the SoTT blog at Blogspot, and Laura's blog, also at Blogspot.

In both cases, Kaspersky informed me that it had detected a phishing attack, and:

This web page is used for stealing credit card numbers, PIN-codes, passwords and other personal data.
Click to expand...
Wikipedia defines 'phishing' as:

Wikipedia said:
In computing, phishing is an attempt to criminally and fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. eBay, PayPal and online banks are common targets. Phishing is typically carried out by email or instant messaging,[1] and often directs users to enter details at a website, although phone contact has also been used.
Click to expand...
Which is fair enough, but then goes on to say:

Wikipedia said:
Phishing is an example of social engineering techniques used to fool users.
Click to expand...
Another round in the PTB's infowar.
 
Same here, Ive been unable to acces Cassiopaea.com and sott.net today.
Well atleast I can acces the forum now! But the sott.net front page is still down but gives this message:

503 Service Temporarily Unavailable

The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later.

My computer has also acted very strangeley recently, the processor popps up to 100% just like that sometimes, and systemchanges has probalby also occured. Well it's not related with the sott page being down, but who knows, maybe there are folks/ cp nerds attacking specific peoples.
 
And also, there must be something wrong with the Online status bar for online members. It's just repeating same different folks all the time when refreshing, like an pattern. o.O
 
yep cassiopaea.org worked but the cassiopaea.com was down, but hey now it works!
sott front page is up and it worked since ~23.40 (swe), :)

:D
 
mada85 said:
...In both cases, Kaspersky informed me that it had detected a phishing attack...
Click to expand...
Kaspersky said that FSB sites are o.k :))


Please, use free version of, e.g., Avast.
 
I am using Kaspersky and it works just fine with SOTT site. However I had trouble last night at home accessing SOTT where I use Norton. Somehow I dont think it was the anti virus software.
 
In googling Smoking Mirrors yesterday, Les' site topped the page. When I clicked the link the same Kaspersky phishing warning appeared for it too. I was of the impression that the warning was generated by google and presented by Kaspersky, but then I am techno stupid. It seems strange that Les' blogspot sells nothing and asks for no personal information whatsoever. I do not understand how Kaspersky could arrive at the determination that Smoking Mirrors is a phishing site.

I just now googled sott.net, clicked the link but did not get the warning. I then googled Smoking Mirrors, clicked the link and again received the same warning. Weird.
 
Kaspersky (and all the other antivirus/security software) have regular database updates from the manufacturer. Without a relevant entry in the database files on the host computer, the software would not be able to identify a particular site as a phishing or any other threat. Which means that someone, somewhere, reported those two blogs as phishing threats. And, since they are so obviously NOT phishing scams, that same someone, somewhere, wants to put people off accessing them, imho.
 
Amoeba said:
I am using Kaspersky and it works just fine with SOTT site. However I had trouble last night at home accessing SOTT where I use Norton. Somehow I dont think it was the anti virus software.
Click to expand...
Yes, it was not related with any bandwich/anti virus software. The sott page was down, mada meant that the blogspot pages were using a phising attack. (right?) and that the blogspot sites is one of thoose 'social' sites which it is common for to use phising attacks against its user.- wikipedia claims.

Edit- what i mean was, sott was down and it was not your bandwich Norton Anti Virus blocking it.

Edit- Mada, I saw your post now, if what your saying is right, then it propbably was an intentional attack.
 
I was unable to get to the Sott page yesterday as well. I got the same message, 503 service temporarily unavailable.
 
It might just as well be a false positive but I don't rule out another explanation.

_http://www.kaspersky.com/news?id=207575573

The PhishTank service, run byOpenDNS, offers a consolidated database of known phishing websites which is continually updated by the Open Source community and ordinary users. Kaspersky Lab has been a participant of this project for a long time, submitting information about phishing resources to the PhishTank database.

Until now, the principal source of anti-phishing data used in Kaspersky Lab products included databases provided by the Anti-Phishing Working Group, of which Kaspersky Lab is a member. Kaspersky Lab products also use data from other sources including security services of financial organizations which independently track phishing resources. With the addition of the PhishTank databases, the range of anti-phishing data sources has become even broader. This will help to significantly improve the quality of protection from phishing attacks offered to users.
Click to expand...
There is no Entry for Laura's blog or the SOTT in the phishtank database for example

_http://www.phishtank.com/index.php


It might be a javascript running that might cause this, Kaspersky does mark positive good non-phishing site from what I've read so far.

EDITED : Added text from Kaspersky lab because I omitted the other phishing reporting sources.
 
Thanks for the info, Tigersoap. Some digging around turned up the following:

The Real Blogger Status at _http://bloggerstatusforreal.blogspot.com/2008/02/phishing-attack-warning-messages-from.html says:

Real Blogger Status said:
Friday, February 08, 2008
Phishing Attack Warning Messages From Kaspersky Internet Security

We have recent reports that Kaspersky Internet Security is issuing "Phishing Attack" warning messages, when any BlogSpot blog is loaded on a protected computer.

To validate any such warnings, use other anti-malware sites, such as McAfee Site Advisor. Verification of such warnings is a necessary task, so not to cause a panic. Claims that the entire BlogSpot address space is infected won't do anybody any good, except maybe the hackers who would love to see benevolent web sites, hosted by BlogSpot, avoided by those needing advice.
Click to expand...
McAfee site advisor at _http://www.siteadvisor.com has no information about Laura's or the SoTT blogs.

It seems to be a problem Kaspersky is having with all BlogSpot sites. I should have looked before leaping… ;-)
 
I haven't experienced any problems with SOTT, however, check what happens when you go to _www.lesvisible.com when you have Kaspersky installed.

It says:

Kaspersky Anti-Virus 6.0 for Windows Workstations
The requested URL http://www.lesvisible.com/ is forbidden

Usually Kaspersky gives you the option to still add the URL to your "trusted sources" after you've been warned, in this case, it gives no access, first time I have come across this...
 
Funny, I clicked the link you provided Erna. And my Computer 'clicked', then my Firewall /AntiVirus (F-secure) notified me that an virus has been removed.

I don't think the link is safe.

edit. I see no 'infringement,'warning, in the log in Fsecure, any skilled person here who know if there is any other log in Fsecure.
 
You must log in or register to reply here.

Trending content

Back
Top Bottom