|
Raw Bytes Computer News KPBX FM 91.1 Radio National Public Radio Network Frank Delaney Producer Broadcast on Thursday Morning 7:35 AM During Morning Edition Support Public Radio ! The Theater Of the Mind |
In computer news this week
Thursday, November 11, 2004 |
|
|||
|
The protection you need on the
internet today - Part 6 – or Don’t surf in shark
infested waters ... In
computer news this week Wednesday, November 10, 2004 The
protection you need on the internet today - Part 6 - or Don’t surf in
shark infested waters ... Last week
I talked about the internet threat of phishing or
spoofing - fraudulent emails that prey on your honesty and internet surfing
habits to get you to give crooks your secret financial information. Just
yesterday I got three of these. I get at least one a day, and have been
getting them for years. I’m
going to expand my coverage on this part of my series on internet protection
so that everyone can better learn how to spot and deal with these fraudulent
spoofing/phishing emails, because probably your
anti-virus program won’t do a thing about them, and even if you have
one of the newer Internet Security Programs like Panda Internet Security it
probably can’t catch them all. Phishing is now considered the major threat to E-commerce, and
most of the major retailers are beginning to inform their customers of the
threat, and how to avoid it. My first phishing email is supposedly from Citibank. It has the
official Citbank logo in the email, has an official
looking return address of CitiBank [antifraud_dep.id.num1622734453998@citibank.com] and says
the following: From: CitiBank
[mailto:antifraud_dep.id.num1622734453998@citibank.com]
Technicaldservices of the BankLare carrying out aDplanned software upgrade.
https://web.da-us.citibank.com/login.ref.2506860/scripts/cIient_conf.jsp
many more Thiswinstruction has beenesent to allrbank customerssand is obligatory to foIow.
skateboard Automobiles Weqpresent our2apoIogies
and thankcyou
for9co-operating.What
a painful loss. Kid Rock Try to connect you Acmemberjofkcitigroup Amateur Attila the Hun Copyrightq©02004ICiticorpD Now as I read that on air you
could probably hear some oddities in the language, and there were spelling
and punctuation errors on several words also. It didn’t sound like
regular English. There is a link to click on that
is displayed as a secure site – meaning it starts with a https:
implying that it is encrypted with a security certificate meaning it is a
legitimate site – which Citibank should have – but when you mouseover this link you see that it shows the web address
of a completely different site, and it is shown as a numerical address
instead of a name that you can read. At this point – if you had
actually received this email – you should not do anything further other
than to delete this email. There is a chance that if you actually click on
this link something bad could happen to your computer;
possibly a virus or spyware or adware program might be downloaded to
your computer. In fact, if you saw this email in
your inbox, you should probably just delete it without opening it, as it said
“Official information for Citibank clients”, and you see, I am NOT a Citibank client in the first place. But I have traced hundreds of
these phishing emails, and I know that if I clicked
on this link I probably would be taken to a site that looks exactly like what
a Citbank site should look like, and I would be
asked to verify my financial information. And I could foolishly give my
secret information to crooks and I could get seriously financially
damaged, and worst of all it would be though my own stupidity! So your best defense in a
situation like this is not to even read any emails that look suspicious, and
to just delete them on site. Next week we’ll go though
the process of dissecting one of these phishing
emails, and learn where they actually come from, and how the fraud is set up
and how it works. For Raw Bytes This is Frank Delaney (C) 2004 MTA Micro Technology Associates http://www.mtamicro.com/kpbx.html PO Box 31522 Spokane, Wa
99223-1522 (509)624-7230 |
|
||||