AntiSpam Guide
Internet Scams: Phishing
from: SoftwareTalks
There have always been scams. Get-rich-quick letters, pyramid schemes, fake competitions, charities that don't exist. The Internet hasn't increased the chance of falling prey to scammers - it just makes it easier for the scammers to get your attention. The tools available to senders of disreputable e-mail are extensive and cheap. Spam is illegal in many countries but we still get a lot of it. The same goes for the scams that arrive in our inbox.
These days, there are so many possible scams that it can be hard to tell the difference between them. The first we'll focus on is the practice of 'phishing' - the word is derived from 'fishing' for consumer information, and 'ph' is a common replacement for 'f' in the hacking community. Phishing refers to the process of tricking you into giving up personal details such as your bank account or credit card details, or your passwords. Phishing is so prevalent on the Internet today that if you receive an e-mail purporting to be from your bank, it's likely to be either a criminal attempt to find out your login details and steal your money, or a real e-mail warning you to be careful of this phenomenon.
When I use my online banking service, I'm faced with no less than three separate warnings to ignore any e-mails claming to be from my bank. At the same time I receive genuine e-mails from my bank, which themselves tell me to ignore e-mails from the bank. Another example is eBay, the popular web auction site. There was a time when eBay sent me regular e-mails about my account and the progress of my auctions. Now eBay urges their users to use an internal messaging system, akin to e-mails that only work when you're using the site, to communicate with the company. It's less convenient, but it is safer.
Due to the prevalence of this scam, most reputable companies, especially banks, will not ask you to take any direct action as a result of receiving an e-mail from them. They specifically request that you visit their company website directly and type in the address yourself, in order to seek more information.
Here's what to look out for. A phishing e-mail will often look and read like genuine material from a real company. So when you receive an e-mail from a company with whom you do business, think before you respond. Why did I get this e-mail? What is it asking for? Do I really need to take action now or can I verify it first? If the e-mail seems suspicious, for example if it's out of the blue, or contains spelling or grammar mistakes, you should check it before doing anything else by calling the company.
You can also visit the website of the company, and login to check on your account, but be very careful not to click on any links from the e-mail. Through the use of pictures that look like text links, and also through the use of IP addresses (like 203.23.45.61) instead of regular web addresses, the e-mail changes where you end up but not the text that you see on the screen. Using this method, scammers can unknowingly redirect you to malicious sites. This is how they get people to enter personal details which are then sent over the Internet: not to your bank, but to criminals. The solution to this is easy - type the address you know, for example www.paypal.com, directly into your web browser yourself, and make sure you don't make any typing mistakes.
There are also e-mails which clearly and simply request - for example - your credit card number, and some people do reply with these details. Just remember that you'll never be asked for such details in a legitimate e-mail.
An interesting but rare form of phishing involves criminals purchasing a misspelled website name, for example www.payplal.com, and constructing a real-looking site designed to fool people. Only a small percentage of web users will incorrectly type the name, and less still might go on to enter their private details, but this can be enough for web bandits to make a tidy profit.
It's clear that banks and Internet giants are worried about the problem. But how concerned should we be, as Internet users? According to Gartner Research, phishing fraud between mid-2004 and 2005 cost over US$2.4 billion. Phishing is big business. The good news is that prevention is not difficult. The popular and free Gmail service, from Google, includes a phishing filter that alerts you to most kinds of phishing e-mails. You can find an anti-phishing attachment on Microsoft's free MSN Toolbar and also in the next version of Internet Explorer (7.0). To report an e-mail or a site that you believe is a scam, you can visit www.antiphishing.com.
Technology can only help so much. The best defender against phishing scams is you. Take care when you receive e-mails and type in web addresses and remember, if in doubt: close your browser window or e-mail, and verify.
About the author:
SoftwareTalks features regular articles from in-house experts facing personal technology issues rarely raised in popular media.
For permanent link to this article click here.
Related story:
How To Eliminate Wordpress Blog Comment Spam
from: Danny WirkenOne of the most serious problems with any blogging system, including WordPress, is that the comments area is wide open to that scourge of the Internet, spammers. In this case, it's comment spam.
Comment spam is created by people seeking to boost their Google rankings by having lots of links pointing to their own websites. This causes a wide variety of problems:
* When Google detects content spam, they will often block the site it's coming from because it messes up their ranking system.
* It takes up your valuable time and bandwidth to eliminate these posts.
* If the onslaught of spam is heavy enough, it may result in a denial-of-service attack, intended or not, which is a situation in which the server tries so hard to post bad ...
To read the rest of this story click here.
Why Spam Filtering News
How Much Does Spam Cost You? Google Will Calculate - PC World
How Much Does Spam Cost You? Google Will Calculate PC World - It's part of a marketing campaign for Google Message Security, the online spam-filtering service based on the Postini technology Google acquired last year. ... |
How Safari 3.2's Anti-Phishing Does, and Doesn't, Work - TidBITS
How Safari 3.2's Anti-Phishing Does, and Doesn't, Work TidBITS - Despite three layers of spam filtering on my TidBITS mail account, I received an obvious spam message claiming to be from the Canada Revenue Agency. ... |
Spam And Virus Filtering Services Introduced By Hivelocity - webhostdir.com
Spam And Virus Filtering Services Introduced By Hivelocity webhostdir.com, UK - Hivelocity (www.hivelocity.net), a dedicated hosting provider, has announced the introduction of spam and virus filtering to the list of services it now ... |
New Marshal8e6 Releases Comprehensive Content Filtering for ... - MarketWatch
New Marshal8e6 Releases Comprehensive Content Filtering for ... MarketWatch - MailMarshal Exchange can be used in conjunction with MailMarshal SMTP or other email gateway products used to secure against spam and malware. ... |
Red Condor Names Dr. Thomas Steding as Chief Executive Officer - MarketWatch
Red Condor Names Dr. Thomas Steding as Chief Executive Officer MarketWatch - "There are a number of copycat products and services in the email security and anti-spam space, which leverage the same filters and engines as their ... |