Phretting over Phishing and Pharming :: Preventing Financial Fraud
Tuesday, January-24-2006
Same Goals – Different Methods
With all the main stream news surrounding these recent additions to the language
of the Internet online users are increasingly familiar with the term phishing but
perhaps less so with it’s close cousin pharming. Either way the essential thing to understand is all these scams, regardless of name, have a common theme.
They are attempts by electronic criminals to gain financially at your expense.
Electronic criminals in their phishing attempts have generally targeted large, well known institutions such as eBay, PayPal, Bank of America, and Washington Mutual. In response many such operations have implemented programs to combat the rising tide of such crime.
Responses include consumer education and improved login security procedures such
as Bank of America’s recent implementation of the their program called SiteKey.
SiteKey helps protect BOA’s customers by requiring the user, as part of the registration process, to select an image and an accompanying phrase that only the user knows. If a phishing/pharming attack attempted to get the user to logon onto a bogus site appearing to be the legitimateBank of America site the SiteKey picture and phrase for this user, if even present, would in all likely hood be different from those selected by the user when registering. This procedure acts as an extra level of protection to alert the user to the potential fraud in action.
Protection Check List
There are a number of things users can do to protect themselves from online fraud and financial scams.
- Run Basic Security Software on your computer such as antivirus and anti spyware programs. Moreover only use proven names that are known industry leaders such as Symantec or Kaspersky in the anti virus area and PC Tools Spyware Doctor for anti spyware products. As a starter you can find some information on Anti Spyware software here.
- Don’t Click on Links in E-mails asking you to update information.
Virtually no financial institution will send such an e-mail. If you believe
that the request may be legitimate then either call the institution to get
more information and/or log onto your account using YOUR book marked link in
your browser or by typing in the URL yourself.PayPal, for example, does periodically send out email regarding a necessary action that needs to be taken for your account. Logging into PayPay by typing the URL in the browser address box, instead of clicking on any provided link, is strong protection against being a victim of a Phishing email. - Report the Incident if you receive a phishing e-mail. Help yourself by helping others and report the phishing attempt. Large financial institutions and other groups are actively working to both prevent such attacks and to take down the web sites used by the attackers. The simplest response is to forward the phishing e-mail, maintaining the HTML format, to reportphishing@antiphishing.org .
Posted by mike.shafer on 01-24-2006 at 01:01 am
Posted in Phishing
No comments yet.