Don't click on email links best defense

Forums » Phishing Zombies » Don't click on email links best defense


Uniqs: 10	Share Topic:	RSS topic:	toggle: flat / full normal / watch	Post a:	Post a:

Frist! »

TKJunkMail
Enjoy the sun
Premium
join:2002-03-03
Avalon, NJ

·Sprint Mobile Broa..

·Comcast

Don't click on email links best defense

The best defense against these phishing attempts is to never click on an email link, especially if it is supposedly from a financial institution. Instead, go thru the institutions main web site or use a favorite link you have saved in your browser for your bank, broker, etc.
--
Come visit the Red Room forum
Bush/Cheney 2004
When the eagles are silent, the parrots begin to jabber.- Winston Churchill

permalink · 2004-10-20 11:05:05 · Print ·

JPCass

join:2001-01-23
Denver, CO

Re: Don't click on email links best defense

Obviously, the phishing attacks are luring those who don't understand that basic principle. And unfortunately, I think a lot of those being lured into giving up their private information are those not tech-savvy or analytical enough to be suspicious on their own, and who don't keep up with the news about online security, which is almost by definition a group that is going to be hard to consistently reach and educate.

It seems to me that some entirely new security mechanism is needed, so that users can be educated to look for something unique that a fraudulent link or website is unable to provide, rather than trying to teach relatively technical details like the difference between clicking on an address versus typing it in. As a crude example, every secure website could have an intermediate authentication step to prove that the site really does "know" you after a user ID is put in, but before a password is submitted.

permalink · 2004-10-20 12:13:20 · Print ·

TKJunkMail
Enjoy the sun
Premium
join:2002-03-03
Avalon, NJ

·Sprint Mobile Broa..

·Comcast

Re: Don't click on email links best defense

said by JPCass

:
It seems to me that some entirely new security mechanism is needed, so that users can be educated to look for something unique that a fraudulent link or website is unable to provide, rather than trying to teach relatively technical details like the difference between clicking on an address versus typing it in. As a crude example, every secure website could have an intermediate authentication step to prove that the site really does "know" you after a user ID is put in, but before a password is submitted.

Besides being naturally suspicious of all emails not from close friends, I installed the FREE "Earthlink Toolbar" that has a SCAMBLOCKER component. That keeps a continually updated list of phishing scams in the wild and pops up an unavoidable warning that a site may be a scam when it is visited.
»www.earthlink.net/earthlinktoolb···lbarinfo
--
Come visit the Red Room forum
Bush/Cheney 2004
When the eagles are silent, the parrots begin to jabber.- Winston Churchill

permalink · 2004-10-20 12:28:13 · Print ·

your comment..

Forums » Phishing Zombies

Frist! »


Tuesday, 08-Dec 21:16:58	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10 years online! © 1999-2009 dslreports.com. page compression OFF