In computer news this week:

Lead: It'll be a blue Christmas if you get spoofed for Christmas, and end up giving your personal financial information to some hacker.

One of the biggest dangers of the internet right now is the practice by hackers of spoofing Christmas shoppers to steal their identity. Recently still another security hole was found in Microsoft's Internet Explorer 6.0 which allow hackers to do what is known as spoofing to you.

Spoofing is when hackers send you an email pretending to be from a company that you do business with, maybe Ebay or Paypal or your bank or your ISP. They send you an email that looks like it came from a company that you do business with and are familiar with, and usually they ask you to verify your credit card information, or they warn you that your account will expire if you don't update your credit information. They prey on your honesty to respond, and unless you are aware of this scam you probably will respond and ruin your Christmas.

In the past these spoof emails have been fairly easily to spot, some had spelling or grammar errors, and some had you go to websites that obviously weren't the true website of the company involved. Anytime you enter sensitive information regarding your credit cards on the internet, you want to be sure you are on a secure website. You can verify this by looking at the address in your browser window - and it should start https: instead of the usual http - the "s" in the https means it is a secure encrypted site. The other visual verification is to look in the bottom right corner of your screen and you should see a yellow locked padlock.

Some of the older spoof emails that brought you to a website would tell you it was a secure site, but the obvious giveaway was that you would not see the https or a padlock, but you would see a data entry screen asking you to enter your credit card info. Also the address you saw in your browser window didn't say ebay or a company name - often it showed the numeric address of the site to confuse you. But you could look up the owner of the site address and see that it wasn't the legitimate company you thought it was.

Just last week I received notice from an internet security service that hackers had found a security hole in Internet Explorer 6 that enabled them to make their sites look just like the company sites they claimed to be. 2 days later I received still another spoof email - this one from Citibank - and it was obvious these hackers had exploited this newly found security hole. As I clicked on the link address in the email to see what the ploy was - and which you should never do - I could see it first go to a numeric website address - but then quickly switch into a screen that looked exactly like the city bank website. But it was all smoke and mirrors - I looked up the IP or numeric address of the first site and saw it was not the legitimate company site.

Surprisingly Microsoft has not responded with an update fix to this security hole. Instead if you go to the main microsoft site http://www.microsoft.com/ you will see a notice that says Caution - avoid getting tricked by spoof websites and a link that takes you to a microsoft page that explains all about spoofing and how to verify that you are on a secure site.

Virtually all online companies now say that then never send out emails asking you to verify or update your credit card information. So you should regard any email you get from any company - familiar to you or not - asking you to update your credit information - as a hacker trying to steal your credit card information, and disregard and delete it.

I hope this information helps you all have a Merry Christmas!

For Raw Bytes, This is Frank Delaney

POB 222 Spangle, Wa 99031 (509)245-3736 624-7230