Although this topic most likely does not directly impact your site, it does fit within "Keeping Your Community Safe".
We often hear requests for ways to access systems from corporate, government or educational networks. Most of these organizations monitor and often block various sites for various reasons.
The most frequently recommended solution is attempt to reach the destination web site through a proxy web site, or non-blocked, in-between site.
This is no longer safe.
Both from my recent experience, and feedback from others, proxy sites are increasingly used for "phishing". Users reaching the proxy web sites presume the information passed back and forth is not saved by the proxy.
This is no longer the case.
Although phishing sites are specialized proxy sites, the new trend is simply to monitor real proxy sites' traffic, and when target web site is accessed through a proxy, log all activity.
These sites are advertised, promoted and show up in search engines as providing proxy and anonymity, intermingled with regular proxy and anonymity sites. There is almost no way for an individual to detect a phishing proxy site, from a non-phishing one.
Beware of proxies and anonymity solutions.
:eek2:
We often hear requests for ways to access systems from corporate, government or educational networks. Most of these organizations monitor and often block various sites for various reasons.
The most frequently recommended solution is attempt to reach the destination web site through a proxy web site, or non-blocked, in-between site.
This is no longer safe.
Both from my recent experience, and feedback from others, proxy sites are increasingly used for "phishing". Users reaching the proxy web sites presume the information passed back and forth is not saved by the proxy.
This is no longer the case.
Although phishing sites are specialized proxy sites, the new trend is simply to monitor real proxy sites' traffic, and when target web site is accessed through a proxy, log all activity.
These sites are advertised, promoted and show up in search engines as providing proxy and anonymity, intermingled with regular proxy and anonymity sites. There is almost no way for an individual to detect a phishing proxy site, from a non-phishing one.
Beware of proxies and anonymity solutions.
:eek2:
