AnonProxy
Proxy of Anon
Premium
join:2001-05-12
ß | Frist!
Nor first but frist! |
|
TKJunkMail
Enjoy the sun
Premium
join:2002-03-03
Avalon, NJ
 ·Sprint Mobile Broa..
 ·Comcast
|  Don't click on email links best defense
The best defense against these phishing attempts is to never click on an email link, especially if it is supposedly from a financial institution. Instead, go thru the institutions main web site or use a favorite link you have saved in your browser for your bank, broker, etc.
--
Come visit the Red Room forum
Bush/Cheney 2004
When the eagles are silent, the parrots begin to jabber.- Winston Churchill |
|
SSX4life
Premium
join:2004-02-13 | reply to AnonProxy
Re: Frist!
It's like saying the sky is blue, of course it comes from botnets. Geeze...... why do studys on the obvious.
--SSX-- |
|
JPCass
join:2001-01-23
Denver, CO
| reply to TKJunkMail
Re: Don't click on email links best defense
Obviously, the phishing attacks are luring those who don't understand that basic principle. And unfortunately, I think a lot of those being lured into giving up their private information are those not tech-savvy or analytical enough to be suspicious on their own, and who don't keep up with the news about online security, which is almost by definition a group that is going to be hard to consistently reach and educate.
It seems to me that some entirely new security mechanism is needed, so that users can be educated to look for something unique that a fraudulent link or website is unable to provide, rather than trying to teach relatively technical details like the difference between clicking on an address versus typing it in. As a crude example, every secure website could have an intermediate authentication step to prove that the site really does "know" you after a user ID is put in, but before a password is submitted. |
|
TKJunkMail
Enjoy the sun
Premium
join:2002-03-03
Avalon, NJ
·Sprint Mobile Broa..
·Comcast
| said by JPCass  :It seems to me that some entirely new security mechanism is needed, so that users can be educated to look for something unique that a fraudulent link or website is unable to provide, rather than trying to teach relatively technical details like the difference between clicking on an address versus typing it in. As a crude example, every secure website could have an intermediate authentication step to prove that the site really does "know" you after a user ID is put in, but before a password is submitted. Besides being naturally suspicious of all emails not from close friends, I installed the FREE "Earthlink Toolbar" that has a SCAMBLOCKER component. That keeps a continually updated list of phishing scams in the wild and pops up an unavoidable warning that a site may be a scam when it is visited.
»www.earthlink.net/earthlinktoolb···lbarinfo
--
Come visit the Red Room forum
Bush/Cheney 2004
When the eagles are silent, the parrots begin to jabber.- Winston Churchill |
|
flarn
No Logic Left
join:2001-02-10
North Richland Hills, TX
clubs:  
| reply to SSX4life
Re: Frist!
It's not a legit claim unless there is a study done on it. Just like those guys proved that coffee was addictive. Pointless, but now they can use it to treat people with drugs.
flarn
--
1 DOD & 1 NS server || anti-logic |
|
slashman
Don't do it . ..
Premium
join:2003-10-01
Batavia, IL
| Are AV companies getting into the act as well?
About a week back my AV (Trend Micro Office Scan Corporate) popped up a virus warning for a mime file that was in my temp directory. When I went to look up what the "virus" was the website told me that it was a phishing scam e-mail.
Are other AV vendors putting phishing scam signatures into their definitions? |
|
antiphishing
Phishing Scam Terminator
Premium
join:2004-06-09
Wilkes Barre, PA
4 edits | More Phishing News..... (Updated 10/21)
Worldwide Phishing Attacks May Come From Just A Few Sources
Ziff Davis - New York,NY,USA
»www.eweek.com/article2/0,1759,1679953,00.asp
ID theft, phishing altering online habits
By Anne Saita, News Writer
19 Oct 2004 | SearchSecurity.com
»searchsecurity.techtarget.com/or···,00.html
Identity thieves' 'phishing' attacks could soon get a lot nastier
»www.physorg.com/news1608.html
- - - Update - - -
Study: Few use phishing to troll for data
GCN.com - USA
»gcn.com/vol1_no1/daily-updates/27647-1.html
Phishing attacks powered by 'just five' zombie networks
ZDNet.co.uk - UK
»news.zdnet.co.uk/internet/securi···8,00.htm
Users face new phishing threats
BBC News - London,England,UK
»news.bbc.co.uk/1/hi/technology/3759808.stm
Phishing Attacks possible on Google 
Netcraft - UK
»news.netcraft.com/archives/2004/···gle.html
--
Dslreports.com Forum No-Spin zone starts here.
»www.antihotmail.com
spammers_are_scumbags@antihotmail.com
|
|
claudeo
join:2000-02-23
Redmond, WA
| Re: More Phishing News.....
Quick response is the only way to nail them. One thing they all have in common is that they have to direct the victim to a web site that may in turn relay to another site. If these sites can be tracked before they take them down, soon or later there will be a trail leading to the real culprits.
Unfortunately, trying to report a phish is too complicated and time consuming. I tried a few times, but the report forms either made me feel like a criminal (FBI web site), requested too much of my private information (FBI and some financial sites), or was just too cumbersome to use (most of them). Just forwarding from Outlook does not work--headers get lost, but trying to email the entire message source does not work either--typically flagged as spam and rejected. By the time one goes through the hoops and someone bothers to read the report, the phishers have long since moved on. |
|
antiphishing
Phishing Scam Terminator
Premium
join:2004-06-09
Wilkes Barre, PA
|  said by claudeo :
Unfortunately, trying to report a phish is too complicated and time consuming. I tried a few times, but the report forms either made me feel like a criminal (FBI web site), requested too much of my private information (FBI and some financial sites), or was just too cumbersome to use (most of them).
I think instead of reporting or wasting your time with Federal agencies it would be better to just shut the spamvertised website down. This would further prevent the spread of the scam.
--
Dslreports.com Forum No-Spin zone starts here.
»www.antihotmail.com
spammers_are_scumbags@antihotmail.com |
|
