Saturday, May 23, 2009

Phishing for Bucks

My last blog entry on Phacebook Phishing scams generated some questions about Phishing. Phishing is a scam in which Internet fraudsters send seemingly authentic spam or pop-up messages with the intent of luring personal and financial information out of unsuspecting victims. Quite often the emails or pop-up messages appear official and copy the exact fonts, graphics and other layout items of a real website such as a bank, internet service provider or email account. They typically prompt you to enter your private information: account number, password, address, SIN, credit card numbers, etc.

Follow these basic steps to avoid getting 'hooked':
  1. Use anti virus/spyware/malware software - remember that some are better than others and you typically get what you pay for! I use Vipre Antivirus from Sunbelt Software because it's light, efficient and effective. Keep your subscription and definitions up to date and set an autoscan at a time when your computer is actually on! Malwarebytes is a great free program that has outshone many of the top level malware programs that one would pay good money for. The paid version offers real-time protection and supports the developers in their efforts. If you need assistance with diagnosing or removing an infection you can reach me here.

  2. Use Phishing protection - the top level browsers (IE7, Firefox, Chrome, Safari) and email clients have built in Phishing protection but, to date, the results are inconsistent. An Anti Phishing toolbar receiving great praise is the freeware one from Netcraft. Anti Phishing programs basically expose a website's or link's true internet address, and in most cases a risk rating is also provided. For example the real facebook website is located here -> Facebook and this link -> 'Click to visit the real Facebook' suggests it leads to Facebook but it doesn't. (Links to Datashield website) How would one know which, if either, is the real link? The text you see on a link and the address it actually opens are two separate things; the Anti Phishing tool shows you the second one. Anti Phishing programs are designed to give you an added advantage over the internet scammers but, like any security risk/solution area, it's constantly evolving and for most users waaaay too complicated. Here's a link to a Wiki on Phishing and other vulnerabilities which I found informative.

  3. Don't email personal or financial information - ordinary email travels and is stored in plain text, so it is easily read by almost anyone with some basic knowledge and one of many free packet sniffers. There are a number of ways to encrypt your data: email clients such as Microsoft's Outlook and Mozilla's Thunderbird support S/MIME certificate encryption, and a password-protected PKzip archive works for attachments (use its AES option rather than the legacy zip password, which is weak). There are also online secure email providers which provide an encrypted service. Never send your credit card, banking information or passwords via email!

  4. Don't reply to email or pop-up messages that ask for personal or financial information. Do not click on links in the message even if it seems legit - links can take you to pages where malicious software downloads to your system and opens the flood gates to all sorts of mischief. Attackers can make a link's visible text say it goes one place while its real target is a different site; hovering over a link shows the real destination in the browser's status bar, and that is what counts. The best way to navigate to a site is by physically typing the address in the browser address bar. (I know...what fun is that!)

  5. Use a third-party firewall that monitors both incoming and outgoing connections. Routers and Windows (XP and up) offer good quality firewalls, but by default they filter only incoming traffic (or have outgoing filtering switched off) and tell you little about what is leaving your system. Trojans can hide on your system quite easily, as can key loggers. Trojans can give someone remote access to your system or transmit personal information to an outside location. Key loggers record your keystrokes and again send that info out to other people; an outbound-aware firewall is what catches that traffic on its way out. I've had great results with Comodo's Free firewall. Comodo has packaged their highly configurable free firewall with an antivirus addon which can be disabled independently. A good product in my experience.

  6. Don't open email attachments unless you are expecting them! Many scammers will try to gain your confidence by impersonating someone you may know. Common email subjects are used such as "Hey, its me!" or "I have a question" or "UPS delivery confirmation - verification required". Recently the Phacebook Phishing scam did just that - they created a dummy facebook logon page and grabbed as many facebook emails as possible to get their scam going. Once you attempt to log on to the dummy site the hackers have your password, and with it your Facebook account, personal information and email contact list - which they use to send the same bait to your friends. Away they go....

  7. Reviewing credit card and bank account statements as soon as you receive them is a good practice. Check for unauthorized charges, and if your statement is more than a couple of days late, call your bank/credit card company and confirm your billing address. Once a scammer has enough of your personal information they can change billing addresses, raise credit limits, apply for additional credit cards, etc.
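Steps 2 and 4 above come down to one check: does the place a link says it goes match the place it actually goes? The following is an added example, not code from the original post or from any of the products it mentions. It scans an HTML email body for anchors, compares the site the visible text claims (a domain written in the text, or a brand name such as "Facebook") against the host in the href, and also flags hrefs on the short list of hosts named in the "Phacebook Phishing" post. The brand table and the sample message are constructed for this example; a real mail client would walk the message DOM rather than use a regex.

```javascript
// Added example (not from the original post): flag links whose visible text claims one
// site while the href points at another, and links to a small blocklist of hosts.
// Runs offline in Node; the URL class is a Node global.

// Assumed mapping of brand names to the host they legitimately belong to.
const BRAND_HOSTS = { facebook: "facebook.com" };

// Hosts named in the "Phacebook Phishing" post, used here as a tiny blocklist.
const BLOCKLIST = new Set(["areps.at", "nutpic.at", "bests.at", "kirgo.at"]);

// Hostname of an absolute URL, or null if the href is relative or malformed.
function hostOf(href) {
  try {
    return new URL(href).hostname.toLowerCase();
  } catch (e) {
    return null;
  }
}

// Which site does the visible link text claim? Either a domain written in the text
// or a brand from BRAND_HOSTS. Returns null if the text claims nothing in particular.
function claimedHost(text) {
  const lower = text.toLowerCase();
  const m = lower.match(/(?:[a-z0-9-]+\.)+[a-z]{2,}/);
  if (m) return m[0];
  for (const brand of Object.keys(BRAND_HOSTS)) {
    if (lower.includes(brand)) return BRAND_HOSTS[brand];
  }
  return null;
}

// True when host is the claimed site itself or one of its subdomains.
function sameSite(host, claimed) {
  return host === claimed || host.endsWith("." + claimed);
}

// Pull every <a href="...">text</a> out of the body with a crude regex and report
// the ones whose destination does not match what the text claims.
function findDeceptiveLinks(html) {
  const anchorRe = /<a\b[^>]*\bhref\s*=\s*["']([^"']*)["'][^>]*>([\s\S]*?)<\/a>/gi;
  const findings = [];
  let m;
  while ((m = anchorRe.exec(html)) !== null) {
    const href = m[1];
    const text = m[2].replace(/<[^>]+>/g, "").trim(); // strip tags inside the anchor
    const host = hostOf(href);
    if (host === null) continue; // relative links have no host to compare
    const claimed = claimedHost(text);
    if (BLOCKLIST.has(host)) {
      findings.push({ text, href, host, reason: "host is on the blocklist" });
    } else if (claimed !== null && !sameSite(host, claimed)) {
      findings.push({ text, href, host, reason: `text claims ${claimed}, link goes to ${host}` });
    }
  }
  return findings;
}

// Constructed sample message: the first and third links are deceptive, the other two are honest.
const SAMPLE_EMAIL = `
<p>Hey, its me! Check this out: <a href="http://kirgo.at/login">facebook.com</a></p>
<p><a href="http://www.facebook.com/">Click to visit the real Facebook</a></p>
<p><a href="http://example.org/verify">Click to visit the real Facebook</a></p>
<p><a href="https://login.facebook.com/">facebook.com</a></p>
`;

for (const f of findDeceptiveLinks(SAMPLE_EMAIL)) {
  console.log(`SUSPICIOUS: "${f.text}" -> ${f.href} (${f.reason})`);
}
```

Run it with `node` and the two deceptive links are reported while the two that really lead to facebook.com pass. The subdomain rule in sameSite is what keeps login.facebook.com from being a false alarm; without it, every legitimate site that logs you in on a separate host would look like a phish. The blocklist catches a known bad host even when the link text claims nothing at all, which is the case for most "check this out" messages.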

In spite of all the dark stuff, the internet remains a great place for access to information and other resources on almost anything. Unfortunately there are people who use technology to take advantage of the unsuspecting, and the best thing anyone can do to keep the internet safe is to learn about the types of risks out there and prepare for the day you are infected with a virus, malware, scareware, etc. Back up your data, report phishing attempts and don't pass on emails that are potentially unsafe.

Surf on Dudes!

Thursday, May 21, 2009

Phacebook Phishing....

There's a new threat to your and your friends' personal information - courtesy of Facebook. I received a facebook email from a friend this morning and it said to check out 'kirgo.at' - so I did. It took me to a page that resembled a Facebook login page and fortunately I stopped there.

Thanks to the quick response of my facebook friend, he notified all concerned that his account had been compromised and an email had been sent from his account. I immediately changed my password and passed the information to all my friends just in case. Electronic communication can spread a security breach quickly, but it can also be minimized by quickly informing as many people as possible.

These types of attacks are known as 'Phishing'. The offending parties attempt to deceive users into giving up their logon credentials on a look-alike login page, then use those credentials to change the password, locking you out of your own account. If you keep personal information in your Facebook account it now belongs to the hackers as well - a scary thought.

It's common sense really, but even people in the know can be misled. In this case the web addresses to avoid are:

  • areps.at
  • nutpic.at
  • bests.at
  • kirgo.at
It's only a matter of time before similar scams pop up on other addresses. Facebook shuts these down as quickly as possible but could provide a better notification system simply by posting alerts on all users' accounts. They have the ability to do pretty much anything they choose and this would be a good choice.