How to NOT Get Caught Up in a Phishing Attack and Scam


How to NOT Get Caught Up in a Phishing Attack and Scam

 

If you have kept up with the news whatsoever you probably heard about the spear-phishing attack that struck the Federal Government's Oak Ridge National Laboratory in Tennessee. Phishing is the act of sending out spam emails and hoping that one person clicks a link in that email that will take the user to a malicious website. Once on that website the users computer is then downloaded with malicious code that generally replicates itself and sends itself out to everyone in your email contacts. The more serious ones like the one at Oak Ridge will actually attack a whole network. Once inside the network, the infection can spread sensitive data to anyone, anywhere.

Spear-phishing is a targeted phishing attack. These are usually conducted against government entities or banking institutions. The attack on Oak Ridge was one of these spear-phishing attacks. No one knows where it came from but they do know how it got there. Someone clicked on a malicious website. Actually 57 clicked on it, out of the 530 people that received the email. Out of those 53, two machines got infected.

What can you do to prevent phishing attacks and scams? Knowledge is the best policy and here is some knowledge.

These scams find ways to get you to a page that looks like the login to a financial institution or other site where knowing your credentials can benefit them in some way. Many times the "hook" comes in the form of an e-mail that appears to be from a trusted source. Also in the e-mail is a call to click a link to go to a site that is made to look like the one you know.

Another common phishing scheme, especially on social networks, is to take advantage of messaging systems built into the products. The messages may even come from trusted friends, who have themselves fallen pray to the scam.

Once you are on the phishing site, if you type your login information, it will be sent to the bad guys, even though it looks just like a site you trust.

Your bank just sent you an e-mail. You open it up and the bank claims to have found an error in your favor. "Click here" to claim the money which is rightfully yours! The old saying still has resonance in this connected age. If it sounds too good to be true, it probably is.

Your friend may be touting a get-rich-quick scheme. Even if this friend usually shares completely reliable information, be wary. Your friend may have fallen victim to a scam himself. If you have his phone number, pick up the phone and get to the bottom of it. He may appreciate you alerting him to the scam.

Since we've all become fairly resistant to this "too good" scam, many phishers use the opposite approach. If it sounds too bad to be true, such as an unexpected large payment from your account being processed by your bank, watch out. The scammers are preying on your desire to fix the problem immediately.

The same goes for unexpected payments or charges with online wallet services like Paypal. When it comes to your money, especially, you can't be too skeptical. Read on for other ways to identify whether there's a scammer on the other end of that login form.

This may get a little techy, but it's something any internet user should learn. The URL (Uniform Resource Locator), which is the web page's full address, is a telling hint toward whether you're being scammed.

Your location bar is usually up at the top of the window you use for web browsing. The text inside starts with http:// or https://. The part that comes immediately after that is the host name, like /wired.com/. Sometimes, instead it has extra words up front, like /howto.wired.com/. That's called a sub-domain.

Whoever owns the main .com (or .net, .org, etc.) can make as many sub-domains as they want. Scammers use a simple trick to include your bank's name in front of their own web site name.

Let's say your bank's website is yourbank.com. A scammer might use yourbank.securebank.com, which looks pretty good. But remember, your bank can own anything ending in .yourbank.com. But whoever owns securebank.com (the scammer in this case) can put anything in front of securebank.com, including the name of your bank.

Using the URL to identify the scam means you have to understand the difference between securebank.yourbank.com and yourbank.securebank.com. If they look the same to you, know that makes you extra vulnerable. Just when you thought it couldn't get worse: often the scammers get really devious and use yourbank.com.securebank.com. The URL begins with your bank's complete web site name, but it's still a scam!

Some browsers identify the main part of the host name by bolding it in the location bar. That can make it easier to figure out whether or not you're looking at the real site. Even with the visual aid, it's still all too easy to misread the text in the location bar.

At this point, you have an inkling you're being phished, yet you also want to know if there really is a deposit waiting for your account. If it sounds too good to be true, and you aren't able to decipher whether it's the real URL, it's time to go straight to the source.

You need to visit your bank, or whichever site this is, directly. Don't click links in e-mails or messages, but preferably type the address of the site you usually use into the location bar. Alternatively, you can search for the name of the bank and click the search result.

Once you are on the site itself, log in there. Doing this will ensure that you are really on the correct website and not sending your credentials to a third party. When you have logged in, look to verify the information you were told in the potential phishing scam. For example, if your bank e-mailed you about a bounced check, wouldn't there be some sign of that on the site itself, too?

If you still aren't sure, you can go old school: Pick up the phone. If the site is a financial institution, there's got to be a way to call them. Remember to get the number from the real site, not from the site you visit by clicking a link.

Following this and other tips in this article should keep you safe from phishing scams. Healthy skepticism and a little technical know-how go a long way to keeping your personal data secure.

Other Tech Tips


» How to Make Outlook 2007 Display Picture in Emails?
» How to Check Your Computer’s Specifications?
» How to Copy and Paste Files or Pictures?
» How to Take a Screenshot of Your Desktop?
» How To Attach a File or Picture in Email?
» How to Reduce Spam with a Temporary Email Address?
» How to Delete Your Temporary Internet Files in Internet Explorer?
» How to Add All Holidays to the Calendar in Outlook 2003?
» How to Make Internet Explorer 8 Open Faster?
» How to Clear Recent Documents in the Windows XP Start Menu?
» How to Restore or Remove Your Browser's Tool Bars
» HowTo Speed Up Windows by Eliminating Background Processes.
» Export Global Address List (GAL) To Outlook Contact
» Slow Computer Fix - How Do I Fix My Slow PC Quickly
» Securing Your Computer From Online Threats
» Laptop Repair Guide - Easy Laptop Hard Drive Replacement
» How To Use iPad Transfer Software
» How to Speed Up Computer Like New in Minutes
» How to Recover Lost Data From Apple Mac Computer
» How to Keep Data on Your Laptop Secure
» How to Download YouTube Video and Save It to Your Computer for Offline Viewing
» Common Computer Security Mistakes
» Recover from a crash. (Microsoft Windows Operating Systems)
» Fix for a missing CD or DVD drive
» How to Create a System Restore point in Windows 7
» Simple Things You Can Do To Speed Up Your Desktop PC
» How to Find Out Your Computer Name, MAC Address, and IP Address
» How to Protect Your iPhone
» If You Are a Student, Take Advantage of What Microsoft Has to Offer
» How to Use Bluetooth Technology to Connect a Computer and a Cellphone
» How to Quickly Repair Your Cellphone That Was Dropped In Water
» How to Translate Text to Other Languages in Microsoft Word 2007
» Adding Internet Prefixes and Suffixes Automatically
» How to Disable Auto-Start Applications on Windows Startup
» How to Access Hidden Themes in Windows 7
» Microsoft Outlook Shortcut Keys
» How to Have Your Contact's Birthdays Appear in Your Android Phone's Calendar
» How to NOT Get Caught Up in a Phishing Attack and Scam
» How to Add the Quick Launch Bar to Windows 7
» Windows 8 Hot Keys
» How to Add or Remove a favorite in Internet Explorer 10
» How to remotely connect a Mac to a Windows PC
» How Do You Store Data?
» How you can recover your deleted files.
» Tips on troubleshooting monitor problems.
» How do you take a screenshot?
» How to clean your LCD monitor.
» Troubleshooting PC advice.
» How to prevent common computer viruses.
» How to care for your cellphone or laptop battery
» Get Your Apple Device Ready For iOS 7