Tech – for Everyone

Tech Tips and Tricks & Advice – written in plain English.

Phishing phraud

Folks, a short one today. The main point can be found in this report from Gartner– 3,500,000 Americans gave up sensitive information to phishers in 2007, for a total loss of $2.8 billion dollars. We, Dear Reader, are being conned and ripped-off at an alarming rate.

I have talked about phishing here before, and warned you against clicking on the links you receive in e-mails before too. These phishers have become so skillful and crafty that it truly is nearly impossible for the average person to tell a fraudulent phishing website from the real. The phraudsters are also developing techniques that are making the usual defenses (ie, “blacklists”) ineffective. And the number of cyber-criminals, and their phishing sites, is growing.

Tip of the day: Turn on a heuristic phishing filter.
It is more important than ever that you exercise caution and apply safe browsing practices when you go online. (To read my prior articles on phishing and safe browsing, click here.) One of the few tools that can help you when it comes to these bogus websites is a filter which uses heuristics to watch the webpage for activity that indicates hacker techniques.

For those of you using IE 7, make sure this filter is turned on. Click on the “Tools” menu (upper-right corner) and then select “Internet Options”. Then click on the “Advanced” tab.
phishfiltr.jpg
Now scroll down through the list of options until you see the Phishing Filter (as shown) and make sure the “Turn on automatic website checking” radio-button is selected.
Click on “OK”.
Now you will have some protection enabled, and when you go to a website that is not “acting right”, a warning message will pop-open and alert you. When this happens, I suggest you close that window and leave that site quickly.

For those of you using “alternative” browsers; you may find a built-in phishing filter much like IE’s (by exploring the Options) depending on which one you have (some do, some don’t) or you can download an “extension” (aka “plug-in”), such as SiteAdvisor, and today’s free link.

Today’s free link: the free version of LinkScanner allows you to right-click on a hyperlink (in an e-mail you receive, for instance) and determine if it is valid. I can recommend the “Pro” version, as well, as a much more complete tool.

Help protect your privacy and your “identity”, and take these simple steps. And, maybe, send this article to your friends.

Copyright 2007-8 © Tech Paul. All rights reserved.

Share this post :

January 18, 2008 - Posted by | advice, computers, how to, IE 7, PC, Phishing, privacy, security, tech, Windows | , ,

4 Comments »

  1. Hi Paul,

    I have to agree with everything you’ve said in your article about phishing phraud. Not that I am an expert by any stretch, just good to see awareness growing in the industry.

    The reason I am writing is to ask which Gartner report you got the 2.8 billion USD loss statistics from? I would like to buy a copy.

    Best Regards,

    JR Smith

    Like

    Comment by jr smith | January 19, 2008 | Reply

  2. Mr. Smith–
    I gathered the reference from other sources, but I believe the actual report is dated December 13th, and is titled: “Phishing Attacks Escalate, Morph and Cause Considerable Damage”, by Avivah Litan.
    http://www.gartner.com/DisplayDocument?ref=g_search&id=562912&subref=simplesearch

    Like

    Comment by techpaul | January 19, 2008 | Reply

  3. Paul,

    Thanks for taking up this important issue. I would like to mention another solution that gives an individual Internet user protection against phishing and other Internet scams, unreliable online shops, and malicious content such as spyware. With the free WOT browser add-on, you can easily see the reliability of companies and their websites. WOT will warn you and save your computer before you interact with a harmful site.

    WOT, Web of Trust, is an online community for reputation rating that lets Internet users share their knowledge of websites. Besides its users, WOT uses hundreds of trusted sources such as phishing site listings to keep WOT users protected against rapidly spreading online threats.

    WOT is free and it is available for the Internet Explorer and Firefox browsers and is free: http://www.mywot.com

    Like

    Comment by Esa Suurio | January 23, 2008 | Reply

  4. Folks–
    I have decided to leave this comment up for your consideration somewhat reluctantly. I have never used this tool, and frankly don’t know that much about it.
    The concept here is a “social” one of community-looking-out-for-community (nothing wrong with that, per se), and is much like Digg, or Del.ico.us in that people ‘vote’ on sites they run across as being ‘safe’ or not.

    With today’s phishing techniques– namely that these sites appear (200/day?), do their dirty work, and disappear so quickly that “blacklisting” known sites has become a largely obsolete and ineffective anti-phishing method — I cannot recommend this type of security as your sole defense…
    It doesn’t hurt to use it (blacklisting) as a suppliment to heuristics and smart/safe browsing practices, though.

    Like

    Comment by techpaul | January 23, 2008 | Reply


Post your Comment/Question

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: