With the latest phishing scam going around, in South Africa at least, I have written up this post to give my opinion on keeping yourself safe from the scammers. The title of the phishing mail that prompted this is “CNN.com Daily Top 10” from “Daily Top 10”. It caught me at first, until I realised it had been received on the wrong account, as I have a subscription to a similar service. All the links in the mail go to a fake CNN site that says you need to download their video player; this “video player” contains a key logger that will send every keystroke you make to another party, who will probably use it for their own gain. I must say that every time I have tried the site linked, it appeared to have been taken down.
There are a few important rules to using the internet, and they apply to many other forms of communication:
- If it seems too good to be true, then it most likely is!
- If you receive an email asking for personal or financial information, delete it! A legitimate organisation already has your information, and if they really need something from you they will probably contact you in a more personal way.
- Never give out your personal information to anyone; they can, and possibly will, use it to impersonate you.
- Keep your antivirus up to date. A good free one for home use is Avast.
- Keep your Windows installation up to date. You can do this from the Microsoft Windows Update site.
- Run a firewall. If you have Windows XP SP2 or higher you already have one, as long as it is enabled. There are third-party firewalls like Comodo Firewall, but I personally find them too intrusive.
- Use anti-spyware software. A reliable free one is Spybot – S&D. Be very careful of sites that advertise anti-malware tools: many are scams that contain spyware and other forms of malicious software. There is a good listing of this so-called RogueWare at Spywarewarrior.com.
- If you receive an email claiming to come from, for example, your bank, do not click on the link within. Rather open your web browser and type the address in yourself. This way you can be more assured that you are not going to a malicious site.
- Make sure the site login is using HTTPS and that the certificate is valid. In pre-IE7 browsers and in Firefox, double-click the padlock in the status bar at the bottom of the browser; in IE7 and up, click the padlock to the right of the URL and select “View Certificates”. The address of the site you are visiting must be the same as the Web site named in the certificate.
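The last two rules boil down to one check: the host in the link you are about to use must really belong to the site you expect (and the name the certificate was issued for). Below is a small added example of that check, written for this post and not part of it; the domains in it are constructed placeholders, and `link_is_trustworthy` is a hypothetical helper, not a real library call.

```python
"""Does a link's host really belong to the site it claims to be?

Implements the padlock/URL advice above as code: the host in the link must be
the expected domain (or a subdomain of it), the scheme must be https, and a bare
IP address never counts.  Certificate-style wildcard names ("*.example.com")
are supported.  Hypothetical helper, standard library only.
"""
import ipaddress
from typing import Optional
from urllib.parse import urlsplit


def url_host(url: str) -> Optional[str]:
    """Return the lowercase host of an https URL, or None if it is not https."""
    parts = urlsplit(url.strip())
    if parts.scheme.lower() != "https" or not parts.hostname:
        return None
    # urlsplit already separates login info ("user@") from the real host,
    # so anything before an "@" is never mistaken for the site name.
    return parts.hostname.lower().rstrip(".")


def host_matches(host: str, expected: str) -> bool:
    """True if `host` is `expected` or lies under it.

    `expected` may be a wildcard as found in certificates ("*.example.com"),
    which matches exactly one extra label, as browsers do.
    """
    host = host.lower().rstrip(".")
    expected = expected.lower().rstrip(".")
    try:
        ipaddress.ip_address(host)
        return False  # a bare IP address is never "the bank's web site"
    except ValueError:
        pass
    if expected.startswith("*."):
        base = expected[2:]
        if not host.endswith("." + base):
            return False
        extra = host[: -len(base) - 1]
        return extra != "" and "." not in extra
    # Exact match, or a genuine subdomain (suffix must start at a label boundary,
    # so "example-bank.com.example.net" does NOT match "example-bank.com").
    return host == expected or host.endswith("." + expected)


def link_is_trustworthy(url: str, expected_domain: str) -> bool:
    """Combine both checks for a link taken from an e-mail."""
    host = url_host(url)
    return host is not None and host_matches(host, expected_domain)


if __name__ == "__main__":
    # Constructed sample links; only the first should pass.
    for link in ["https://online.example-bank.com/login",
                 "http://example-bank.com/login",
                 "https://example-bank.com.example.net/login",
                 "https://203.0.113.5/login"]:
        print(link_is_trustworthy(link, "example-bank.com"), link)
```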
The first three points can also be used to protect yourself from mail, fax and phone fraud. There was an SMS making the rounds claiming that you had won a trip to the Rugby World Cup finals, but they wanted you to reply with your credit card and CVV number. Something most people did not notice was that this SMS was coming, in most cases, from an international number, and so they replied to the message. In the first place the fraudsters were farming credit card information, and the number was also a premium-rate one (i.e. it cost up to R50 to send a reply).

Definition of the term Phishing, taken from Wikipedia:

In computing, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from PayPal, eBay, YouTube or online banks are commonly used to lure the unsuspecting. Phishing is typically carried out by e-mail or instant messaging, and it often directs users to enter details at a website. Phishing is an example of social engineering techniques used to fool users. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures.

For more information on these threats and terminology, these links are good references:
- http://www.symantec.com/norton/security_response/index.jsp is a good information resource.
For the more inclined, the following are some of my favourite places to visit (warning: geeks only):
- National Institute of Standards and Technology: Information Technology Laboratory
- PaulDotCom – One of the most interesting, if not crazy at times, Security podcasts on the planet. They also have a Google Group at http://groups.google.com/group/pauldotcom
Changed spyware tool from CCleaner, as CCleaner is actually a registry optimisation tool.