Saturday 11 June 2005

Attention: strictly no phishing!

The term 'phishing' describes any attempt to trick you into entering your login or bank details into a fake web site for fraudulent purposes. A web site may look identical to ebay.com, paypal.com or yourbank.com, and even display an official, 'trusted' web site address in your internet browser's address bar, and still be a clone.

One such browser vulnerability which perpetuates this deception is described here. The same Secunia page allows you check if your browser could be exploited in this way. Other phishing scams are documented elsewhere on this invaluable, security bulletin web site so spend some time exploring it to stay informed.

Sticking up a public information sign won't protect you from speculative scam emails, malformed links or malicious 'hosts'-file-altering Trojans, but the internet browser extension Spoof Stick just might. Spoof Stick integrates itself with your browser to display the true URL of the web site you are currently viewing, regardless of its apparent address as it appears in your address bar, making it painfully obvious when and how you are being scammed.

It's no substitute for common sense (don't click on links contained within emails; type web site URLs into your address bar manually, and so on), but it doesn't hurt to have an extra layer of protection in place.

0 comments: