HACKERS ARE JOLLY LAZY when it comes to their own computer security according to two insecurity experts.

Nitesh Dhanjani and Billy Rios claim that when phishers store their stolen data, such as credit card numbers, they don't protect it at all from access.

Dhanjani said when he visited such web sites there were no passwords, no encryption and no hardening of the compromised server.

He said that this means that it is a doddle to reverse engineer a real phisher’s website, look at their php script, and find out where they are storing the data.

You can then visit their site and steal the stolen data yourself.

If you want to know where there is a phishing site near you, you can visit http://www.phishtank.com.

If you are a fellow criminal you can save yourself from having to splash out on a stolen US credit card number by stealing it from a thief. µ

L'Inq
Networkworld