Wednesday, September 24, 2008

You've been Phished....

Have you ever received a bulletin or comment from your friend that you know they did not really send to you? It's probably because they got "phished" and a spammer is using their account to spam you! You may have been phished yourself and seen messages, comments or bulletins sent from your social network account (Face-book, MySpace, Hi5 e.t.c).

What is it?
Phishing is the luring of an internet user to reveal personal details (like email, passwords and credit card information) on a fake web page or email form pretending to come from a legitimate company or source. (Word Web)

It is not a "security" flaw, and you're not getting "hacked." You've probably been warned before about phishing websites, but most people don't think or worry about phishing when using their social net work account (I’ll use face-book onwards). You may wonder why anyone would even want to get your Face-book password. On Face-book, phishers obviously aren't after your money, but they are still trying to make money! They achieve this by logging into your account and using your account to spam your friends. They make money from the advertisements they spam. (Spam works better when it comes from a real account you know, because your friends are likely to pay attention to it!)

It's entirely preventable by you, if you know what to look for. To make sure you don't get phished, you have to understand exactly how it works.

Here's the basic idea: It starts with the person trying to phish you making a web page that looks just like the log in page of the website (Face-book) you're trying to use. Then the phisher comes up with a creative way to get you to click on the link to that page (maybe by sending you a message or comment saying you should check something out). When you see the link and click it, you are presented with the fake log in page created by the phisher. If you enter your info, you've been "phished" - you've fallen for the trick, and they've captured your email and password! The phisher will then start logging in as you until you change your password and lock them out.

Now you may think you know exactly what the Face-book log in page looks like and that someone could not trick you into typing your info into a fake page, but it is very easy to fall for this! It's also very easy for anyone to make an exact copy of the Face-book log in page, or the log in page of any website you use. There is only one easy way to know that you are at the real log in page. That's by looking at your browser's address bar--the place you view or type in the URL of the website you want to visit. There will you know what website you are actually on at the moment. For Face-book, the only page you should log in to is “" - with no extra characters before or after it. note for the new face-book, it's "" Face-book is yet to do something about it!

If you are ever clicking around Face-book and you are asked to log in, don't do it! STOP and check the address in the URL to be sure it’s not some fake site designed to steal your log in credentials.

Use the latest version of Internet explorer which automatic checks all websites and has phishing protection. It will check to see if the site you are visiting is a phishing website and warn you.

Finally changing your password occasional will block out unauthorized users frequently until they give up eventually.

More info on phishing can be found by clicking Here

Be on the look out!!!

1 comment:

Anonymous said...

From the moment the first Mercedes-Benz CLS four-door "coupe" was introduced to the public, other German luxury automakers hit the drafting board. According to the German auto experts at AutoBild, Audi is just over a year away from unleashing its own cleverly packaged sedan.