March 08, 2005

More phishing woes

Clearly phishing is working, because the volume keeps increasing and the tactics/techniques keep evolving in order to keep it alive. Were phishing no longer an effective process, these things would die off and we wouldn't keep seeing disturbing news like this via Slashdot:

In the continuing evolution of the phisher, the latest scams are crafting deceptive email links that include a bank's URL, but send victims to a phishing spoof site. The phishers are combining wildcard DNS, URL encoding and redirection services to construct the URLs. Netcraft has examples of emails that presented barclays.co.uk in the URL but sent clicks to a spoofed page at a server in Moscow. A DNS cache poisoning attack over the weekend also highlights the potential use of DNS tricks in 'pharming' (phishing using redirection rather than bait emails).

*Note: there are further links in that text if you go to the actual post on Slashdot.

While this is a bit unnerving, there is still an easy way to protect yourself: don't click on these links in emails. If you get an email from PayPal, your bank, your credit card company, etc. telling you that XYZ needs to happen and that you should just follow the supplied link, don't click on it. Instead, open up a new browser window (ideally not IE), manually enter the business's base URL, and log in from there.
If whatever they are telling you is legitimate and truly important, the information will show up there once you log in. If it does not and you are still wondering, call them.

It is key that you just put in the base URL which is actually theirs. If the email tells you to go to "http://www.paypalservices.com/userlogin/whatever.html" that DOES NOT mean go to "http://www.paypalservices" - instead I mean go to PayPal's actual base site which you know (https://www.paypal.com) and login there.
Assume that any URL given to you in the email is trying to scam you until you can prove otherwise.
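To make that advice concrete, here is an added example (not code from the original post) in Python that checks whether a link from an email actually lands on a trusted domain. It rejects the tricks described in the Slashdot summary: the bank's name appearing as a subdomain of some other host, as userinfo before an '@', or buried inside a redirector's query parameter. The TRUSTED set, the redirect parameter names and the sample URLs are all constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qs

# Constructed sample: the only domains we would accept as the real business.
TRUSTED = {"barclays.co.uk", "paypal.com"}

# Constructed list of query keys commonly used by open redirectors.
REDIRECT_KEYS = ("url", "redirect", "goto", "next", "target", "u")

def trusted_domain_for(host, trusted=TRUSTED):
    """Return the trusted domain that `host` belongs to, or None.
    A host matches only if it IS the trusted domain or a subdomain of it;
    'www.paypal.com.evil.example' does not match 'paypal.com'."""
    host = host.lower().rstrip(".")
    for dom in trusted:
        if host == dom or host.endswith("." + dom):
            return dom
    return None

def lands_on_trusted(url, trusted=TRUSTED, max_hops=3):
    """Decide whether a link will really land on a trusted domain.
    Returns (bool, reason). If a trusted host is only used as a redirector
    (?url=http://...), the embedded target is checked instead, up to max_hops."""
    for _ in range(max_hops):
        parts = urlsplit(url)          # parse before any decoding, as a browser does
        host = parts.hostname or ""    # scheme-less text such as 'paypal.com/x' has no host
        if parts.username is not None:
            # Everything before '@' is userinfo, not the destination host.
            return False, f"userinfo {parts.username!r} masks real host {host!r}"
        if trusted_domain_for(host, trusted) is None:
            return False, f"host {host!r} is not a trusted domain"
        # Trusted host: is it bouncing us somewhere else via a redirect parameter?
        qs = parse_qs(parts.query)     # parse_qs percent-decodes the values
        target = next((qs[k][0] for k in REDIRECT_KEYS if k in qs), None)
        if target is None:
            return True, f"lands on {host!r}"
        if not target.lower().startswith(("http://", "https://")):
            return True, f"lands on {host!r} (relative redirect target)"
        url = target                   # absolute redirect: judge the final destination
    return False, "too many redirect hops"
```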

Of course, it also helps if you know how to read the headers and check whether the message really came from the servers/network it claims to come from - but even then you can't trust it 100% (it could have been sent from a compromised machine in that network).

But the short and easy thing to remember is "do not click on any links sent to you via email".

Posted by Eric at March 8, 2005 09:46 AM | TrackBack
