Recently I have been receiving a new found volume of fraudulent emails so I decided to write you while I have these fresh examples. The term ‘phishing’ has been around for quite a while. In my opinion ‘phishing’ is when a fake attempt to capture real information is cast into your sea of emails. Or a trap is anchored hidden in an ocean of websites.
I will use the recent examples that I received to explain the email method and how to identify these potentially dangerous attacks. An email was sent to me addressed as though it was from Facebook. The subject mentioned that the website was updating their login system to become more secure. This email was clearly modeled from an actual email from the site notifying that a friend request had been received or something similar. There is a button in the email that is a hyperlink just like the button that would link back to Facebook to accept the friend request or whatever. So, looks like the real thing and it came from an email address at Facebook.com so I should trust it right? NO BEANS! From email addresses can be spoofed all day long so don’t trust them if the message content looks phishy. Watch out for any email that is asking you to follow a link to enter information. If it were legitimate it would direct you to visit their website, login, and then enter the info. Any of these emails that are so persuasive that you just have to double check, you can just open your browser and type in the web site or click on one of your own bookmarks instead of using the link in the email. The technical way to check if the link in the email is bait is to hover your mouse over it (in most cases) and look at the bottom of the screen for the address to which site it is actually switching you to. You could also use the menu in your email checking program to ‘view source’ on the message and you would see before the text of the link the actual address.
The traps that used to be here and there used a method where you would reach them with a miss spelling of a popular site or a miss leading ad on a popular search term. These sites would look familiar and try to get your info. Haven’t seen one in a while though. Most of these accidental visits direct me to tons of ads or the occasional malware attack.
Many of the leading brands of protection software offer protection against email fraud by warning you that a message could be potentially dangerous and also blocking the spoofed site if the link is clicked. The new Internet Explorer version also claims to help prevent phishing. You may remember a one time message asking you to enable this feature when windows update first installed the new version. Hopefully the information I am sharing will provide you with a truly effective method of protection… your own tuned skills of awareness.

Here are some links:
http://en.wikipedia.org/wiki/Phishing
http://www.symantec.com/norton/security_response/phishing.jsp

Categories: Home Computing ~ ~ Trackback