Don't Be Phishbait!

October 1, 2009

Phishing Scams

No, you did not really win the European lottery.

No, you have not been chosen to  be an import/export representative for an Asian ceramics company.

No, you should not click on that link to verify your ebay, paypal or bank account information.

And chances are pretty good that somebody you have never heard of did not leave you seven million dollars in his will.

These are all examples of fraudulent e-mail known as phishing, and it’s becoming increasingly sophisticated and cunning.  “Phishers” attempt to fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication.

Phishing, also referred to as brand spoofing or carding, is a variation on “fishing”; the idea being that bait is thrown out with the hopes that while most will ignore the bait, some will be tempted into biting.  One of the most important things to consider regarding Phishing is that the extent of its success is mainly dependent on the people who actually receive the email. Clearly, the human factor is the only vulnerability that is virtually unpatchable, and no security product, service or update can protect people from their own choices.  You can contribute significantly to your own security by just following certain guidelines and performing simple, logical practices, such as these suggested by TrendMicro:

Practice prudence when receiving email messages that ask for account credentials. Remember, Phishing emails are designed to upset, confuse, or excite recipients, to entice them to react immediately.

2. Ensure that any Web site visited is secure when submitting sensitive information such as credit card numbers. One indication that a Web address is secure is if it starts with https:// rather than http://.  Another indication is a padlock icon at the bottom of the screen, which when clicked, displays a security certificate.

3. Do not click any link inside an email that is suspected to be spoofed. Instead, go directly to the legitimate company’s site by directly typing in the legitimate company URL in the address bar of the browser, then log on from there. One can also call the company directly. Previously targeted companies have disclosed contact information for Phishing-related incidents.

4. Avoid opening any file attachments of suspected phishing email messages as they might execute a malware program that can steal personal information.

Most email systems employ several different methods to combat SPAM and phishing,  and their filters are updated on a regular basis, but a few unwanted emails will inevitably get through.  If it were easy to stop, it would be stopped already.  If you do receive a phishing email, you can report it to the organizations listed below, or add it to your junk senders list.  Then delete it!  NEVER REPLY TO IT!!!

Report suspected Phishing attacks to any of the following Web sites and email addresses:

Internet Crime Complaint Center
(a joint project of the FBI and the National Collar Crime Center): http://www.ic3.gov

Federal Trade Commission’s identity theft Web site: http://www.consumer.gov/idtheft

Federal Trade Commission’s email address: uce@ftc.gov
Anti-Phishing Working Group: reportphishing@antiphishing.org

As always, if you need more information, contact me.

Don’t get taken hook, line and sinker!

_________________________________________

clean your registry

7
Leave a Reply

avatar
7 Comment threads
0 Thread replies
0 Followers
 
Most reacted comment
Hottest comment thread
4 Comment authors
VentegoBunkerJohnBrownHow I Lost 30 Pounds in 30 Days Without Diet Recent comment authors
  Subscribe  
newest oldest most voted
Notify of
How I Make $300 a Day Posting Links Online
Guest

Cool post, just subscribed.

derekpm
Guest

Rather interesting. Has few times re-read for this purpose to remember. Thanks for interesting article. Waiting for trackback

How I Lost 30 Pounds in 30 Days Without Diet
Guest

Thanks for posting about this, I would like to read more about this topic.

Brown
Guest

Are you a professional journalist? You write very well.

John
Guest

Hmm... I read blogs on a similar topic, but i never visited your blog. I added it to favorites and i'll be your constant reader.

Bunker
Guest

I liked it. So much useful material. I read with great interest.

Ventego
Guest

Very interesting and amusing subject. I read with great pleasure.

Leave a Reply

Your email address will not be published. Required fields are marked *