Log in

21 January 2008

Let’s (not) go phishing!

Posted by Jerry Kidd under: Computer Security .

Let’s talk about phishing.  No, not fishing with a rod, reel and some bait, but phishing where hackers try to get you to give up some personal information by exploiting a weakness in your browser or email service.

Here is how it works:

This weakness allows malicious coders to create Web sites that look exactly like legitimate sites, credit card companies, or online merchants, and ’spoof’ the web addresses. When a user is at one of these sites and looks in the address section of IE, it will appear as if they are at that company’s site. Everything from the https:// to the little yellow padlock at the bottom of the ’secure’ page can appear complete with the spoofed company’s web address or URL (Universal Resource Locator) in the proper places.

This means that you can no longer trust what you see in the address bar, especially if you are clicking on a link from an e-mail message or from another web site. The possibilities are endless and very dangerous for the less technical Internet going public.  The opportunity for identity theft is enormous and you should take steps to protect yourself.
Because of this latest method of tricking users into divulging personal and financial information, it is important that you do not click on any links in e-mail that supposedly come from your bank, eBay, PayPal, Amazon.com or any online merchant or financial institution.

If you receive what you think is a legitimate e-mail message from one of your financial or merchant Web sites, do not click on any link in the e- mail, especially if it is asking you to update your information.

Always go to the company’s Web site manually by opening your browser yourself and typing in the actual address for the company. If the information sent in the e-mail is legitimate, then you should be able to access it through the companies Web site when you sign-in or login to your account.

If you have set up your computer to automatically download and install the weekly updates from Microsoft, then your browser has been patched so that it will show the actual address of the website that you are viewing…but the patches can’t help you if you travel to one of those sites and give up the information that are asking you to provide.

The best advice is to NOT click on links contained in emails that purport to be from you lender or financial institute.  It’s ALWAYS best to manually type in the link into your browser.

Stay safe out there!

If you enjoyed this post, make sure you subscribe to my RSS feed!

Leave a Reply

retaggr

Browse

Subscribe in a reader

Or enter your email address to subscribe via email:

Delivered by FeedBurner

Categories

Links

Jerry Kidd C…, Real Estate Professional in San Francisco East Bay My Amazon.com Wish List
Real Estate Blogs - BlogCatalog Blog Directory OnePlusYou Quizzes and Widgets
Created by OnePlusYou