Disclaimer: Please note that the writer is not responsible for dead, boring, mind-expanding or dangerous website links and/or software. Follow links and install programs at your own risk!
Thursday, November 27, 2003
An increasingly popular practice among data thieves, that is, nefarious folks interested in stealing your personal information, is a new subterfuge tactic known as “phishing”.
How Phishing Works:
Scattered amongst the regular unsolicited spam in your Inbox is a message about your PayPal (or Citibank, Amazon.ca, Ebay.com, Hotmail.com, etc…) account. For some reason your account has been suspended and must be verified. The verification process is simple: just click a hyperlink, enter your regular account login and password, then click OK. But wait, why am I receiving a cryptic error message when I click OK?
It may have looked just like the website you were expecting, but what you didn’t notice is that instead of going to www.paypal.com you’ve been redirected to www.paypol.com or some other non-legitimate website, and you have just handed the scoundrels running that website full access to your PayPal account.
No doubt the implications of handing over such access are obvious, especially if instead of Hotmail.com, you have just handed over unrestricted access to your bank account. The consequences escalate if you use identical logins for all your online accounts. It is common practice for data thieves to try logins across a variety of commercial websites once they have been obtained through such phishing methods.
How to protect yourself:
Always double-check the name of any URL you are visiting; it’s very easy to mistake www.citibank.com for www.citiblank.com. When the validity of a URL is in question for any reason, simply don’t click. No legitimate service is going to deny you access to your account for no reason. If you want to make sure everything is copasetic with your account, drop an email to the support address for the online service. Beyond easing your concerns, they will more than likely be very interested in the fact that somebody has been attempting to bilk their clients.
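The URL double-check described above can be automated. The following is an added example, not part of the original post: it flags a host whose domain is a near-miss of a known-good one. The allowlist, function names, and distance threshold are assumptions, and taking the last two host labels as the domain is a simplification.

```python
from urllib.parse import urlsplit

# Assumed allowlist: the legitimate sites named in the post.
TRUSTED = {"paypal.com", "citibank.com", "amazon.ca", "ebay.com", "hotmail.com"}

def edit_distance(a, b):
    """Levenshtein distance: insertions, deletions, substitutions cost 1 each."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete from a
                           cur[j - 1] + 1,              # insert into a
                           prev[j - 1] + (ca != cb)))   # substitute
        prev = cur
    return prev[-1]

def registered_domain(url):
    """Last two labels of the host (simplification: no public-suffix list)."""
    if "//" not in url:
        url = "//" + url          # let urlsplit treat a bare host as a netloc
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    return ".".join(host.split(".")[-2:])

def classify(url, max_distance=2):
    """Return (verdict, nearest trusted domain or None)."""
    domain = registered_domain(url)
    if domain in TRUSTED:
        return ("trusted", domain)
    # Nearest trusted domain; ties are broken alphabetically.
    nearest = min(TRUSTED, key=lambda t: (edit_distance(domain, t), t))
    if edit_distance(domain, nearest) <= max_distance:
        return ("lookalike", nearest)   # close misspelling of a trusted name
    return ("unknown", None)

if __name__ == "__main__":
    # Constructed sample links, using the misspellings from the post.
    for link in ("https://www.paypal.com/", "http://www.paypol.com/verify",
                 "www.citiblank.com", "http://example.org/"):
        print(link, "->", classify(link))
```

A "lookalike" verdict is a reason not to click; an "unknown" verdict only means the domain resembles nothing on the allowlist, not that it is safe.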
An additional level of safety can also be attained by choosing “strong” passwords and by using different passwords for each website you visit.
A “strong” password contains a combination of upper and lowercase letters, numbers and symbols and contains as many characters as allowed. Because “strong” passwords are often hard to remember, it’s a good idea to keep a copy of all your passwords written down. You can also use numbers and symbols to replace letters to create complex, yet memorable passwords: “gonefishing” for example could become “g0n3F1$#!nG”.
posted by Kusari 5:17 PM