Phishing Is Dangerous
Are the big phish eating the little phish?
New research throws doubt on the size of the problem.
Phishing, short for fishing expedition, is a common method in which intruders find their way into networks to create mischief and mayhem for users.
Phishing criminals wade in a vast sea of computer users and wait to see if someone takes the bait by providing a credit card or social security number, passwords, street addresses, birth dates, maiden names, the answers to secret questions, or bank account numbers.
A phishing scam boils down to: people want your confidential information so they can use it to steal money from you, your bank, your credit card companies, and other sources.
Examples of Phishing include:
You get an email from a government official for a small foreign nation, begging you to help him leach millions from his country’s treasury – for a significant finder’s fee.
Your bank sends you an email claiming that your account has been breached, and you must log onto your account immediately to verify that everything is okay.
You’re trying to watch a funny video about puppies and babies, but when you click the virtual play button, a window pops up to inform you that your video player needs an update, which you can download in just a few seconds.
So how much is lost due to phishing? There’s a debate raging over the actual amount. Gartner shocked the IT world when they said losses had soared to $3.2 billion in 20071. A more recent report throws doubt on that total, claiming that actual losses are some 50 times less: closer to $64 million.
The newly-released paper (Herley and Florencio, Microsoft, January 2009) goes farther, painting a picture of greed devouring greed: more savvy and experienced fraudsters defrauding those new to the game. A case of the big phish eating the little phish.
However large or small the losses, consumers still must be careful and mindful of the damage that can be done. Most banks and credit card issuers limit the amount that their customers are liable for in the case of fraud. But it can still take a great deal of effort to repair the damage to your credit history.
Even if you surf the Internet cautiously, it’s easy to let down your guard in a moment of enthusiasm (that puppies-and-babies video was really funny!). So a few safety tips bear repeating:
Update your browser. Internet Explorer, Safari and Firefox are continually updated to protect against known scams, so the most current version is the safest version.Change your user names and passwords regularly, using letters, numbers and special characters (like # or @), and don’t use your social security number for either!
Avoid downloading programs from unknown sources.
Be sure to protect yourself with leading anti-virus and parental control tools such as Home Network Defender as well as a little old-fashion caution.
Take a look at software tools available that help you manage your home network more easily and alert you to potential weakness in your home network such Network Magic.
Look carefully at the URL for the site you’re being directed to; hoax sites often have very long, complicated URLs that often don’t contain the name of the company they’re impersonating.
If you shop online, log off the site after you’ve made any credit card purchases, or shut down your browser.
Internet security is a huge topic, let us know your thoughts in the comment section of this blog or join us on Twitter.
Posted by Johanna Fry at 03:01PM PST
Johanna Fry
maddie May 27, 2009
omg this website was absoultly helpful!!