Phishing

Although not specifically something that infects our computers, Phishing presents a security risk that we all need to be aware of.

Phishing involves fake e-mail messages with return addresses, links, and images which appear to come from banks, insurance agencies, retailers or credit card companies. These messages are designed to fool us into giving out personal information like usernames and passwords, credit card numbers, social security numbers, etc. Because these emails look official, we may respond to them, resulting in financial losses, identity theft, and other forms of personal / financial loss.

One of the primary rules in avoiding being a victim of phishing is to never respond to e-mail requests for personal and financial information. If you get an e-mail asking for the information to be sent back in an e-mail, do not reply. If the e-mail has a link to a website where you are supposed to enter your information, do not click on it. Either of these actions can give the phisher a lot more information than you might think, including a way for them to get the information that they want right from your computer!

The image below is a screen shot of what a phishing site might look like. Notice how much it looks like the eBay site. One thing that should jump out and scream 'fake' is the address - http://210.119.235.149. The address should start out as http://www.ebay.com. Another clue is the wording - "your account may behave unnormally" is another clue that the site is not what it appears to be. It suggests that whoever wrote the page (and whoever approved it for release to the Web) may not have a good command of English. Wouldn't you expect the eBay site to be a little more professional sounding?

Click for Lager Image
Click for larger image

If you are ever in doubt about the validity of an e-mail message from a merchant, bank, insurance agency, or any other entity that is asking for you to supply personal information, go to their site directly rather than using the link in their e-mail. A flaw in Internet Explorer could easily make it look like you were at the right site when you click on the link, when it is actually the phishing site!

Also, check out the current phishing scams at Anti-Phishing.org. The site offers a LOT of information on phishing, from news and resources, to papers explaining Solutions to Address the Threat of Email Spoofing Scams.


AntiSpyware Tools
SpyBot Search and Destroy*
AdAware*
CWShredder*
Pest Patrol
Ewido
AntiVirus Tools
Grisoft AVG*
AntiVir Personal Edition*
Avast Anti Virus*
NOD32
Panda
PC-Cillin
McAfee
Norton
Firewall Tools
WebRoot Firewall
Zone Alarm*
PC Tools Firewall Plus*
Kerio Personal Firewall*
Miscellaneous Tools
PopUp Manager*
SpamBayes*
Spamihilator*
TrojanHunter
* Indicates a program is free or has a free version available.