Twenty-Four Seven Security« Security Not Just for Big Business | Main | Patches and Patch Adams »
October 04, 2006New Phishing Fighter
A new anti-phishing site, Phishtank, a service from OpenDNS, is determined to put an end to phishing - which are emails that impersonate legitimate messages from customer-service or financial or ecommerce sites but were actually created to scam you out of your password or financial information. Phishtank plans to accomplish this by creating a database of suspicious emails then having users vote on their legitimacy.
While many of the digerati think this just might be the trick to fight phishing, others are not so sure. The Browser doubts that this will motivate typical email users, who are already busy answering email and fighting spam, to take time out of their day to report on and grade suspect emails.
Some believe that for Phishtank to be successful, they need to collaborate with large email providers who already have more than their share of phishing samples. Because phishing remains a fact of life, what follows are tips to avoid ending up phish food:
1. If you get an email or pop-up message asking for personal or financial information and you have any question regarding it's legitimacy, call or contact the company directly via the phone or by going to the company's verified website (do not click on the link enclosed in the phishing email and assume that will take you to the company's actual website).
2. Always use anti-virus software and a firewall, and keep them up to date, as some phishing emails contain software that is harmful to your computer.
3. Never email personal or financial information. If you are looking to complete an internet transaction, go directly to the company's secure website.
4. Closely review credit card and bank account statements as soon as you get them.
5. Be cautious about opening any attachment or downloading any files from any emails you receive, regardless of who sent them.
6. Forward spam that you suspect is phishing to spam@use.gov and to the company, bank, or organization impersonated in the phishing email.
7. If you believe you have been scammed, file a complaint with the Federal Trade Commission.
Posted by pschooff in
Phishing
|
Digg This|
Add to del.icio.us
Trackback Pings
TrackBack URL for this entry:
http://www.ebizq.net/mt/mt-tb.cgi/766
I think the statistics speak for themselves -- it's not hard to contribute and many are. http://www.phishtank.com/stats.php
I would encourage your readers to submit suspected phish emails to PhishTank, too.
Cheers,
John Roberts
OpenDNS, operators of PhishTank.com
Posted by: John Roberts at October 11, 2006 03:22 PM
Hey John,
Since my post, I have had time to take a closer look at your site, and you're absolutely right; it's very simple to work with and fight back against Phishing.
So I ask my readers to send any suspect Phishing emails to your site. In some ways, PhishTank harks back to the earlier era of the internet when it was mostly just Usenet and many really felt that in those days, it was United We Stand.
So together, we can hopefully defeat one of the worst abuses of the internet, Phishing. Just a reminder, PhishTank is located at: http://www.phishtank.com/stats.php
Best,
Peter
Posted by: Peter Schooff at October 12, 2006 05:16 PM
Post a comment
