02
Mar
09

some anti-phishing tips



I’m receiving dozens of phishing mails each day, like :

  • the bank’s database has been compromised, please register again
  • I had tried to login too many times, my account has been disabled, please register again
  • the bank decided to provide users with an application through which they will login, please run this file
  • the bank’s database has been lost, please register again
  • … and countless more

I’m sure many of you receive the same type of mails each day. Here are some tips that will help you decide whether such an email is true or not :

  • each mail in this category will have at least one link in it. Place your mouse over it, and check to see if the address it points to is really the bank’s address. If for example, your bank is Bank ABCDEF ( a fictional bank ), and your bank’s website is http://www.bankabcdef.com, then, when you hover the mouse over the link, you should see a link that belongs to that domain. If for example, you see something completely different, such as some-random-site-not-related-to-abcdef.com/whatever/bankabcdef/, DO NOT VISIT THAT SITE, because it surely will be a phishing attempt
  • if your mail service provider accepts javascript in the e-mails ( which is, in my oppinion, a terrible security flaw ), disable javascript. Javascript has a function named onMouseOver which can be used to spoof a link’s address
  • NEVER download & run any files you did not request
  • if, for example, the e-mail seems legitimate and has a phone number, I would suggest you don’t call that number. Instead use google to find the bank’s website, and get the phone number from there. Then, call the bank to check and see about possible account problems.
  • your browser will sometimes identify sites that are not what they claim to be, be cautious when that happens.

I hope these tips will help you !

Advertisements

0 Responses to “some anti-phishing tips”



  1. Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


Blog Stats

  • 222,663 hits

%d bloggers like this: