Netcraft Anti-Phishing Toolbar - I downloaded and installed the Netcraft Anti-Phishing Toolbar today and will run it for about one week and then review it. 12/29/2006
A Phishing scam is when a hacker sends out an official looking e-mail from a well-known company that tricks the reader into thinking that they need to follow the instructions to update/reveal personal information about an online account. DON'T DO IT!!
Most phishing scams are official looking e-mails that supposedly come from a Bank or Credit Card company, and sometimes even web sites like eBay and PayPal, requesting that you update your account information. This scam is supposed to convince you to go to the web site linked in the e-mail to comply with the included instructions, but they then record everything you type on that page and will instantly have access to your personal account.
More than likely the hacker has used official company logo's, some official company URLs, even company newsletter formatting, in the e-mail to convince you to click on their web site link. That will then lead you to a web site they created to look exactly like the official company's web site. The URL of the hacker's web site might be a mis-spelling of the official company's name so that it could easily fool you into thinking that you're at the official web site for that company.
Even worse yet, if you're using MS Internet Explorer, these hackers can also Spoof the URL of a Web Site so that when you look in the address bar you'll see what you "think" is the actual company web site. Wanna see how it works? Here's an example (I've run this test on my own Personal Computer and I trust Secunia.). It's a flaw that has been patched, but when was the last time you updated YOUR Operating System? Uh huh, that's what I thought. Update Your OS NOW at http://windowsupdate.microsoft.com/! (That is the original Microsoft Windows Update URL and it will change to the current Windows Update URL on it's own. As of Nov. 29th, 2004 the actual working URL for Windows Update is http://v5.windowsupdate.microsoft.com/v5consumer/default.aspx?ln=en.)
Some phishing scam e-mails are created to fool you into thinking that you placed a credit card order online and then claim there's something wrong with that order (You can/will get these phishing scam e-mails even if you haven't placed an online order recently.). When you click the link to "see what this is all about", the web page you visit could easily install a Trojan/keylogger program on your PC that will then record everything you type while you're at your PC. It creates a log file that the hacker will access whenever you're online and retrieve anything you've recently typed on your keyboard from that file. If that happens to include any personal information you've typed at a bank or credit card company web site, well, you're S.O.L. folks. Now they've got your number!
This is very serious business folks!! These scams do fool people on a daily basis; If these scams didn't work, the hackers would stop sending out these phishing e-mails.
So, what do YOU do if you get an official looking e-mail from a company you do business with who wants you to update your account/personal information? Do Not Follow the Links in That E-mail! Open a new browser window yourself, type in the company URL BY HAND, or use a SAVED BOOKMARK for that company web site so you'll KNOW that you're at the correct web site. DO NOT CLICK ON ANY LINKS IN AN E-MAIL THAT YOU'RE NOT EXPECTING!! Better yet, DON'T OPEN THOSE E-MAILS IN THE FIRST PLACE!!!
with questions or comments about this web site.
|