Phishing phraud
Folks, a short one today. The main point can be found in this report from Gartner– 3,500,000 Americans gave up sensitive information to phishers in 2007, for a total loss of $2.8 billion dollars. We, Dear Reader, are being conned and ripped-off at an alarming rate.
I have talked about phishing here before, and warned you against clicking on the links you receive in e-mails before too. These phishers have become so skillful and crafty that it truly is nearly impossible for the average person to tell a fraudulent phishing website from the real. The phraudsters are also developing techniques that are making the usual defenses (ie, “blacklists”) ineffective. And the number of cyber-criminals, and their phishing sites, is growing.
Tip of the day: Turn on a heuristic phishing filter.
It is more important than ever that you exercise caution and apply safe browsing practices when you go online. (To read my prior articles on phishing and safe browsing, click here.) One of the few tools that can help you when it comes to these bogus websites is a filter which uses heuristics to watch the webpage for activity that indicates hacker techniques.
For those of you using IE 7, make sure this filter is turned on. Click on the “Tools” menu (upper-right corner) and then select “Internet Options”. Then click on the “Advanced” tab.
Now scroll down through the list of options until you see the Phishing Filter (as shown) and make sure the “Turn on automatic website checking” radio-button is selected.
Click on “OK”.
Now you will have some protection enabled, and when you go to a website that is not “acting right”, a warning message will pop-open and alert you. When this happens, I suggest you close that window and leave that site quickly.
For those of you using “alternative” browsers; you may find a built-in phishing filter much like IE’s (by exploring the Options) depending on which one you have (some do, some don’t) or you can download an “extension” (aka “plug-in”), such as SiteAdvisor, and today’s free link.
Today’s free link: the free version of LinkScanner allows you to right-click on a hyperlink (in an e-mail you receive, for instance) and determine if it is valid. I can recommend the “Pro” version, as well, as a much more complete tool.
Help protect your privacy and your “identity”, and take these simple steps. And, maybe, send this article to your friends.
Copyright 2007-8 © Tech Paul. All rights reserved.
| Share this post : |  |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
4 Comments »
Post your Comment/Question
• About Tech Paul
I am a Retired computer & network technician. I used to think the machines were pretty cool. Now I don’t.
They’re anything but.
I regularly posted how-to’s and tricks & tips and general computing advice here starting in 2007. (Use the Search tool to find answers. But be aware, many are rather dated.) Sometimes I answered (your) specific questions in an article if I believed the answer was generally helpful to “everyone”. All the writing you see was my own, typos and all. There always is/was an implied “IMHO” in what you see here.
Note: You are responsible for using this blog and its content. I am in no way liable for any losses caused by user error, viruses and/or other malware, hardware or software failure, or any other conceivable reason.
-
Say "thank you!" Buy Tech Paul a cup of coffee (and keep T4E ad free).
-
-
McAfee® Cybersafety Resource Portal, an online help center designed to assist victims of computer crime and provide information on how to avoid becoming a victim.
-
Subscribe to Tech--for Everyone by EmailRecent Comments
-
-
-
-
Also:
-
-
Tech - for Everyone 
Hi Paul,
I have to agree with everything you’ve said in your article about phishing phraud. Not that I am an expert by any stretch, just good to see awareness growing in the industry.
The reason I am writing is to ask which Gartner report you got the 2.8 billion USD loss statistics from? I would like to buy a copy.
Best Regards,
JR Smith
LikeLike
Mr. Smith–
I gathered the reference from other sources, but I believe the actual report is dated December 13th, and is titled: “Phishing Attacks Escalate, Morph and Cause Considerable Damage”, by Avivah Litan.
http://www.gartner.com/DisplayDocument?ref=g_search&id=562912&subref=simplesearch
LikeLike
Paul,
Thanks for taking up this important issue. I would like to mention another solution that gives an individual Internet user protection against phishing and other Internet scams, unreliable online shops, and malicious content such as spyware. With the free WOT browser add-on, you can easily see the reliability of companies and their websites. WOT will warn you and save your computer before you interact with a harmful site.
WOT, Web of Trust, is an online community for reputation rating that lets Internet users share their knowledge of websites. Besides its users, WOT uses hundreds of trusted sources such as phishing site listings to keep WOT users protected against rapidly spreading online threats.
WOT is free and it is available for the Internet Explorer and Firefox browsers and is free: http://www.mywot.com
LikeLike
Folks–
I have decided to leave this comment up for your consideration somewhat reluctantly. I have never used this tool, and frankly don’t know that much about it.
The concept here is a “social” one of community-looking-out-for-community (nothing wrong with that, per se), and is much like Digg, or Del.ico.us in that people ‘vote’ on sites they run across as being ‘safe’ or not.
With today’s phishing techniques– namely that these sites appear (200/day?), do their dirty work, and disappear so quickly that “blacklisting” known sites has become a largely obsolete and ineffective anti-phishing method — I cannot recommend this type of security as your sole defense…
It doesn’t hurt to use it (blacklisting) as a suppliment to heuristics and smart/safe browsing practices, though.
LikeLike