Tuesday, August 10, 2010

Gregory Chandler - Protecting Yourself From Phishing Trips

Phishing is a criminal technique used to lure internet users to fraudulent or spoofed websites. The techniques are called phishing trips or phishing attacks. These attacks are on the rise and are causing significant harm to victims. An estimated 5 millions adults lost a total of $6 billion in phishing attacks in 2009.

Threats from these attacks have spread from your desktop to your cell phone and multimedia devices. Staying in the know about these new threats is important to every organization and individual. Easily identifiable spam-like mass phishing campaigns have evolved to the more sophisticated spear-phishings attacks. Spear phishing attacks are low volume attacks that are difficult to differentiated from legitimate e-mails and are very technically advanced. Anti-phishing filters are having an incredibly hard time keeping pace. Websites representing popular social networking sites (such as Facebook and Twitter), auction sites (like Pay Pal and Ebay) banking sites, and even the U. S. government agencies (FBI) are just a few of the mechanisms used to lure the unsuspecting public.

One of the more common attacks experienced by individuals is through e-mail. A great deal of effort has been devoted to solving the phishing problem through prevention and the detection of phishing e-mails and websites. Automated detection systems are the first line of defense against phising attacks. These tools are very effective, but can only address part of phishing threats. User education offers a complementary approach in reducing risk, raising awareness and helping internet users to better understand and recognize fraudulent websites and e-mails. To further safeguard against attacks, online users should seek training in the recognition of these attacks. Many internet security providers give courses in methods to safeguard against phishing.

Some practices that can help internet users mitigate phishing attacks include turning off your Outlook reading panel and not opening links in e-mails. Allowing Outlook to automatically open your e-mail puts your computer at risk to spam, phishing and viruses.

To further reduce risk, internet users should also look for https at the beginning of the URL in the address bar, the padlock in the top right of the address bar, the green address bars in the latest high security browsers (IE 7.0 and above) and the trust mark to be present to the right of the padlock. Furthermore, users should open a new browser window for each session and type in the web address of the site you wish to visit. Since threats change quickly, it behooves the home user to keep his or her computer system patched at all times. This includes your operating system, applications, anti-virus, anti-spyware and firewall software. Lastly, remember banks do not request personal information or account information via e-mail.

For a training video, please visit the Federal Trade Commission website at http://www.ftc.gov/bcp/edu/multimedia/ecards/phishing.


GREGORY CHANDLER, Attorney at Law e-mail address: AttatLawGC@gmail.com

No comments: