Article Directory :: Computers & Technology Articles

“Phishing” for Suckers: Two Things You Should Look For In An email

By John Young

Subscribe to John Young's RSS feed using any feed reader!

Republish: EasyPublish
Published: 30Aug2006
Word count: 946
Viewed: 417 time(s)
Bookmark this article using any bookmark manager!
Get Free Content For Your Site

“For Your Immediate Attention! Don’t Lose Your Account! Update Immediately!”

Bob opened the email and was confronted by the logo of one of his major credit card companies. He had been carrying the card for some time, and had used it for a lot of online purchases.

Understandably he was concerned with the message under the logo: “Due to online identity theft, we need to verify that the information in your account is accurate, or we will be required by the FTC to suspend it”.

Below was an itemized list of the information he was required to verify: his old account number, name, address, telephone number, social security number, and mother’s maiden name. The also wanted him to change the password to his account.

Panicked, Bob hit the reply button and started filling in the information. He didn’t want to lose that account. He had set up several online accounts using that credit card number, and used it to buy and sell in online auctions…

THE “PHISHERMEN” AND THEIR HOOKS

“Phishing” is a technique used by identity thieves to stampede people into giving out their credit information online. The scam has been around for awhile, and, unlike Bob, most people are aware that they should never:

• Be intimidated by a message found in an “authentic looking” email

• Reply by giving vital information to the “phishers”

• Open up any links contained within the email, which can download “criminalware” onto their computer.

We all know these facts intellectually, but when confronted by an intimidating message, many of us react emotionally, not rationally. Maybe I’m more easily intimidated than most, but I’ve found myself opening an email and feeling compelled to fill out the information the message demands.

I have to confess an incident that occurred when I almost did that very thing. In my own defense, however, I have to say that it happened before I’d ever heard the term “phishing”. Fortunately I became suspicious before hitting the “Send” button.

But I almost did it. I almost sent it off and thereby hanged myself.

THE LAKE IS GETTING CROWDED

Although the public is becoming savvier to this scam, the “phishermen” must be experiencing success because the Anti-Phishing Working Group, http://www.antiphishing.org/ reports that phishing incidents are on the upswing.

They list 28,571 consumer reported incidents in June 2006, almost double the reported numbers in June 2005.

More suckers are being “phished” than ever before, and as every honest fisherman knows, there is no bag limit on suckers.

HOW TO IDENTIFY LEGITIMATE EMAILS

Of course, the best thing to do when asked for vital information by someone purporting to be a legitimate credit card company or other institution is to call the company on the telephone and ask if the email in question does indeed come from them. Then, if it has, go to that site to change your information.

But there are a couple of “quickie” things you can look for in the email itself, which you should do if you are alarmed by the message and tempted to jump.

1. Check the “From” Address to see if the address is correct. It should come from a top level domain, i.e. ebay.com, not a sub domain such as ebay.security.com. A sub level domain can be obtained on line for free, and is not something a legitimate company would do.

2. Make Sure the “digital signature” is valid.

KNOW YOUR DIGITAL SIGNATURE

I don’t know if you’re like me, but my eyes glaze over when somebody mentions the words “digital signature”.

Basically, it’s just an electronic means of verifying that the email you received:

• Has originated from the source it claims to come from

• Hasn’t been intercepted and repackaged on the way.

An email that is “digitally signed” has a little red icon down in the lower left hand corner in the ‘To…From” box.

Click on that icon and you can find information about the sender. Be sure your email client is “S/MIME” compliant. “S/MIME” compliancy is supported by over 350 million email clients, including Microsoft Outlook, Lotus, Novel, Netscape and MacMail.

As noted on the antiphishing site, this is unspoofable for two reasons:

• It is strongly encrypted.

• It is generated when you open the email, not at the source

The email client has validated four things on receiving this email:

1. The email address in the “From” field matches the one in the digital certificate.

2. The certificate was issued by a trusted authority.

3. The message wasn’t tampered with in transit.

4. The certificate itself has not expired.

To put it simply, the certificate makes sure the email has indeed come from who it says it has come from, and hasn’t been tampered along the way.

To see what the certificate looks like, check out:

http://www.antiphishing.org/smim-dig-sig.htm

THREE WAYS TO PROTECT YOURSELF.

There are three good ways you can protect yourself from “phishermen.”

1. Call the company they supposedly represent. Don’t respond to alarming statements demanding personal information online.

2. Don’t open any links in the email. They can download “criminal ware” that can start gathering vital information off your computer.

3. Don’t open suspicious emails unless you have an “S/MIME” compliant email client and can view and open that digital icon.

LOOKING FOR SUCKERS

The phishermen are out there and still looking for suckers. Based on the rise in reported incidents they are still finding them. Armed with a little knowledge and a healthy awareness, you won’t end up in their “game bag”.

You definitely don’t want that…because the next stop is the frying pan.

John Young is a writer with a scientific and programming background. At the age of 62, he lives in California with his wife and pet cat “Bear”. His new book “Protect Yourself Against Identity Theft” can be found at: http://www.youridentitystolen.com

Bookmark this article using any bookmark manager! Subscribe to John Young's RSS feed using any feed reader!

EasyPublish™ this article - publishers click here

More articles by John Young

Free Report!
Ten Essential Secrets Of Article Marketing ... Grab Your Free
Copy Now:




We respect your privacy.

Need Content?
Regular Top Quality Content for your Blog, Ezine or Website ...
Delivered Direct,
For Free!
Click For Details


Arts & Entertainment
Automotive
Business - General
Computers & Technology
Finance & Investment
Food & Drink
Health & Fitness
Home & Family
Internet Marketing/Online Business
Legal
Pets & Animals
Politics & Government
Reference & Education
Religion & Faith
Self-Improvement/Motivation
Social
Sports & Recreation
Travel & Leisure
Writing & Speaking

More computing articles:

  • Using Cell Phone Tracker To Track Mobile Phones (Unnah Mitchels)
    A cell phone spy is used to track the owner of a particular cell phone and also the calls made by the cell phone owner. Using this software, one could track the exact location of the owner of the targeted mobile phone. The beauty of this software is that the targeted cell phone owner will not be able to see the software or the log information related to the mobile spying activities.

  • Using 3D Cover Flow Flash (Brian Neil)
    If you have decided to create a website in order to promote your online business, you will quickly realize that you will have many decisions to make. Not only do you have to know at least a little bit about online marketing, but you should also have some experience setting up a website.

  • Many Aspects of Flash Accordion AS3 (Brian Neil)
    There are many people that choose to use the flash accordion as3 menu. This is because there are a great many amazing features that go along with this product. Of course, before you make your purchase, you should make sure that this is the right product for you.

  • Customizing the Flash Dock Menu (Brian Neil)
    There are many different pieces that you will have to put together to make up your website. Many of the features that you will have to include are extremely important. All that you have to do to figure out which features are the most important is to look at various websites.

  • A Truthful Justhost Review (Hanson Raider)
    Finding a trusted webhost is an important yet easy task but every one of you would concur to the fact that finding a reputable web host can be exhausting and tricky. Furthermore, with all the commercials released that refers to incredible web hosting offers , Justhost hosting review can offer everyone a wide-ranging rules on what to search for in the web hosting provider.

  • Get Into The Blue (Hanson Raider)
    As the days go by and our ideas and opinions become seasoned by time we all understand on very important thing, we need a web host. That is, if we ever expect to express these seasoned and learned opinions in an open venue meant for such a topic. What about that idea you had for manufacturing and selling your hand crafted wares, now you will have a place to showcase your products with your own website.

We Automatically Distribute Articles
To Thousands Of Publishers And Web Sites:
Submit Article
All content is viewed and used by you at your own risk and we do not warrant the accuracy or reliability of any of the information. The views expressed are those of the individual contributing authors and not necessarily those of this web site, or its owner, Takanomi Limited.
  
Copyright © 2012 Takanomi Ltd. Company no. 5629683. All rights reserved. | Privacy | Legal | Contact Information