Wednesday, December 20, 2006 at 3:13 pm by opus:interactive
Gone Phishing: Online scams get tricky and technical
We all know that providing personal information over the internet is unwise. We take precautions when shopping online, covet our privacy when visiting chat rooms and enlist services to avoid hacking. But internet scammers have a new method to lure unsuspecting victims when “casting about” for private financial information—they go “phishing.”
Phishing is a high-tech scam that uses spam to deceive consumers into disclosing their credit card numbers, bank account information, Social Security numbers, passwords, and other sensitive personal information. Internet “phishermen” enlist this information via emails that may already arrive regularly in your mailbox.
The emails are specially formatted to deceive you into thinking that a legitimate company—possibly one that you conduct business with—is requesting necessary personal information. In truth, these emails are designed to help you unwittingly send information to identity thieves.
Don’t Take the Bait:
There are several ways to recognize a phishing email.
First, be aware of common phishing scams. Many come from scammers imitating Ebay, PayPal and government agencies. One example is Regulations.gov, a legitimate agency operated by the United States Environmental Protection Agency. The FTC and other federal agencies use the regulations.gov portal to receive comments from the public regarding proposed rules and regulations. Scammers often use emails resembling regulations.gov because the public generally views governmental agencies as large and legitimate.
Second, know what to look for. There are a few specific elements that should draw a red flag, such as a link within the email that doesn’t lead to its original site. Once you click on a link, always check the address bar of your browser to be sure you are on the company’s original web site. Another indicator might be when a “return” email address doesn’t match the displayed email address when you are preparing to send your information, This means your return email is being rerouted to an unscrupulous mailbox. You might also receive several copies of the same email, common practice for phishing scammers who don’t often check their target lists for repeat email addresses. Emails that seem unusually insistent or threatening should also be a warning. Scammers know that Intimidation can be a successful method for soliciting information.
But the simplest way to alleviate phishing scams is to avoid sending personal and financial information altogether. Any request for information via email should be questioned. If you get an unexpected email from a company or government agency asking for your personal information, contact the company or agency cited in the email using a telephone number you know to be genuine. You might also cross-check the company of origin by starting a new Internet session and typing in the Web address to be sure it leads to a legitimate company.
Hook, Line and Sinker:
If you have already given your credit card or banking information in response to a suspicious email, notify your Credit Card Company or bank immediately so they can monitor your accounts. If you provided your Social Security number, contact one of the three national consumer reporting agencies to request fraud alert. Finally, visit the FTC’s Identity Theft Web site (www.consumer.gov/idtheft) to file a complaint and learn more about how to minimize your risk identity theft.
Article Archives:
Reinstalling RocketRaid drivers after updating FreeBSD
After going through the steps to update FreeBSD via cvsup, 3 of the servers didn’t come back up after reboot as fast as the other servers I updated did. After 10 minutes, of the server not coming back up, I realized something likely happened to the raid controller driver that these 3 servers use.
Once I [...]
August 19th, 2008
Patching BIND for OpenBSD
Recent security research discovered that there were multiple DNS implementations vulnerable to cache poisoning.This is a multi-vendor vulnerability outlined at the following links (among many others):
http://secunia.com/cve_reference/CVE-2008-1447
http://www.kb.cert.org/vuls/id/800113
In our DNS infrastructure we separate the recursive query DNS servers from the authoritative DNS servers. We limit recursive queries to our own network ranges. Our internal DNS servers used [...]
August 8th, 2008
The Real Ironman
June 28th, 2008
So, I just completed my 1st 1/2 Ironman Triathlon today. It has been a goal that I have wanted to accomplish for some time. After 5 months of vigorous training, I had one day to swim 1.2 miles in the frigid Wickiup Reservoir,
( bike 56 miles around Mt. Bachelor going from 4200 [...]
August 5th, 2008
Virtualized for Non-Profit
Opus Interactive has virtualized 22 of their servers in a effort to upgrade internal systems. Instead of trying to sell the servers, or reprovision them, Opus Interactive decided the best thing to do is to donate them to Omni Media Networks Inc. The donated servers were needed in an effort to expand Omni Media Networks Internet outreach programs. Opus Interactive is very [...]
July 1st, 2008
If a tree gets planted in the forest will anyone hear?
Opus Interactive has joined with Arbor Day Foundation in their mission to “…inspire people to plant, nurture and celebrate trees.” Arbor Day Foundation is the largest nonprofit tree-planting organization, with nearly one million members and averages over 12 million trees planted each year.
So with that, the question becomes with almost 12 million trees each year, why [...]
June 16th, 2008
Protecting the minds and hearts of our children with OpenDNS
There is no argument that there is a lot of crap on the Internet. And I am not referring to poorly designed web sites, time wasting games and an overabundance of news about absolutely everything. The deep, dark alleys of the Internet (and sometimes not all that far removed) are filled with pornography, crime, drugs, [...]
June 9th, 2008
Article Comments: