|
|
 Home
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Anti-Phishing Guide
Tuesday, May 13, 2008
|
What is Phishing?
How do you know the person on the other end of a phone call is really who they say they
are? You don't. And email is the same way. Emails can be sent from anyone claiming to
be whomever they want. Phishing is when a person sends out an email falsely claiming
to be part of an established and legitimate business. The email will ask the user
to follow a link and enter in personal information (like your social security number,
credit card details, account information, etc) for the purposes of "verification". As you
enter these details, the hackers behind these scams are quietly recording your
information. Armed with credit card accounts and social security numbers, a hacker could
steal your identity, ruin your credit or worse - all without your knowledge!
Think it's easy to spot a hacker?
Don't be so sure. The most dangerous part of these Phishing attacks in that they
look completely legitimate. For instance, let's just say you receive an email that
you think is from your bank. The name in your inbox says its from your bank and it has
your banks' logo, the banks' colors and it looks like other emails they've sent you. So
you trust it to be real.
Next, you click on the link in the email and it takes you to a web site that looks like
your banks' website. Even the URL at the top of the page looks completely normal.
So how is it that you are being scammed?
A Revealing Look at Phishing Scams
Let's re-examine that email you got and see how a phisher could fool you:
1. Who is it from?
Phishers cleverly disguise the sender identification to make the email look like it is
coming from a bank or online merchant. This is called "sender spoofing".
2. Urgent - You need to update your account information!
In the email there will be a message stating that your personal information needs to be
updated or that you may have incurred a fraudulent charge. Then it will instruct you to
follow a link (ie "Click here to update your information").
3. The Missing Link
This link is the crux of a phishing email. Even though the link says it is going to some
legitimate website, the actual destination of the link is masked, so you can't see
where it is actually taking you.
4. The Imposter Website
The website that you end up at will probably look very professional and much like the
actual site you thought you were going to. It will probably feature logos and images
taken from the legitimate website, in this case your banks'. The URL (http://www.mybank.com)
at the top of the page may even look like you are at your banks' website. All this is
designed to lull you into a false sense of security so that you will give you personal
information away. This false (spoofed) website will ask you to give them anything from
login and password information to credit card and social security numbers. And once a
phisher has your personal information, your identity and credit rating are as good as
gone.
Recent Phishing Attacks
Not sure if it's a phishing attack? Check out our archives to see some documented
phishing scams.
Telltale signs that someone is trying to phish you
Learn how to protect yourself.
How do you protect yourself from a Phishing scam?
First, it is important to understand that legitimate businesses should never ask for
your personal information through an email. But since not all legitimate businesses follow
this protocol, you should have some extra protection to know the difference between an
honest email and a hoax.
With Secure IE Browser Security you can rest assured that no phisher will be able to
fool you.
Secure IE's Security Manager allows you to corral your favorite sites (like your bank or
eBay etc) into security zones that you can see at the bottom of your browser
window. Think of security zones like you would a traffic light. Green means "Go",
Yellow means "Caution" and Red means "Stop". If you click on a link in an email and it
sends you to what you think is your bank's website, simply check the security zone at the
bottom of the page.
Since you trust your bank lets say you have categorized it as:
However, the link you clicked on takes you to a page that looks like either of these:
Since the security zone is different, this immediately warns you that you are in
dangerous waters and it is likely the site is an imposter.
Phishing is just one of the ways that a hacker can attack your computer.
Here's how Secure IE's multifaceted security protects your computer:
- Stops Spyware at the point of entry by restricting ActiveX to a
"safelist" of authorized software
- Blocks popups that are often used by hackers as a gateway to installing
programs you don't want on your system.
- Features an automatic security tune-up that scans your PC, detects and
corrects current browser security problems.
Get the Protection You Need
|
|
Privacy Policy
