Saturday, August 27, 2005

Beware Of The Phish

According to an August 28, 2005 article in the Washington Post, phishing scams are becoming more difficult to detect. "Phishing" refers to a type of email which sends a "something's wrong" message which appears to be coming from a financial institution. The user is instructed to log onto a Web site which appears to be valid. If the user provides a password or other financial information, scammers use that information to perpetrate fraud and identity theft.

Don Oldenburg writes the following in the Washington Post:

"Don't get me started on spam. But the other day, scanning the dregs of my spam filter, there was this one that stood out from the hundreds of unsolicited commercial e-mails that pitch porn, get-rich-quick schemes, cheap pharmaceuticals, urgent business proposals and sure-thing investments. All no-brainer deletes. Click, click, click.

"But this one stopped me cold. It raised images of stressed-out and distraught military families stunned by the message that their bank accounts had been breached (all the more troubling after last week's news that someone had indeed hacked an Air Force nonfinancial database containing 33,000 Social Security numbers). Recipients could follow the message's instructions, click on a link to a Web site, and divulge their passwords and confidential information.

"Only, that urgent notice isn't from their bank. It's from a crook.

"You probably knew that already. Those daily spams, supposedly from eBay, AOL or PayPal? Saying your account has been corrupted? If you don't have eBay, AOL or PayPal accounts, they're easy rip-offs to recognize. Click, click, click. Gone.

"But if your thoughts are halfway around the world, in a war zone where every day is a life-or-death matter for a loved one, and your bank is the Armed Forces Bank, then just maybe you get fooled this one time. Just takes once. Low-life scammers count on it -- all the way to the bank.

"'It's big business. And it is hard to track and really hard to shut down,' says David Jevans, chairman of the Anti-Phishing Working Group (APWG), an association of more than 1,100 companies and law enforcement groups worldwide trying to eliminate online fraud and identity theft scams." Phishing is becoming more sophisticated: "Over the past couple of years, phishing has become one of the top consumer crimes. A Gartner Inc. report in June estimated that 1.98 million Americans were victimized from May 2004 to May 2005 by phishing scams that stole $2.4 billion from their checking accounts. And APWG's phishing reports indicate that reported scams in 2005 have almost doubled in some months over last year's. They're such a threat that the new edition of the Oxford English Dictionary has added the term 'phishing' to its pages.

"'The Armed Forces Bank scam is part of a growing trend in phishing to focus on smaller financial institutions, such as credit unions, smaller banks and insurance companies,' Jevans said.

"'Basically, they are spreading out to smaller companies that are not as prepared to deal with it. There is a lot of testing out there to see who has systems that they can cash in on. . . . They're trying to stay ahead of spam filters, phishing filters, and they're trying different social engineering techniques.'

"In the Armed Forces Bank scam, the crooks mutated the message at least six times -- about every five or six days -- which the APWG says is business as usual...."
More information about phishing scams is available here and here, and in the archives here. These sites are worth bookmarking.

And remember this caution from the article in the Washington Post:
"Keep in mind that practically no legitimate companies contact customers via e-mail asking for private information. So the best advice? Click, click, click -- gone."

6 Comments:

At 8/29/2005 4:40 PM, Blogger G_in_AL said...

this crap just feeds on the ignorant. Most of us know (I hope) that no respectable institution will ask you for that stuff. I remember about 2 years ago something like that goin on through AOL and Ebay. My mother-in-law almost fell for it. But she is one of those that doesnt understand what exactly this whole interent thing is all about.

 
At 8/29/2005 7:40 PM, Anonymous Anonymous said...

Several years ago, a fellow by the name of B. Franklin wrote in what he called Poor Richard's Almanac, "A fool and his money are soon parted." Actually, Mr. Franklin stole the line from Shakespeare (Hamlet), but the words are still true today.

 
At 8/29/2005 9:41 PM, Blogger Warren said...

Literally, hundreds of millions of these things get sent out at practically no cost to the sender. If even a fraction of a percentage reply, it means a bonanza for the thief.

From what I've been able to tell, they mostly come from countries of the former Soviet Union and the perpetrators are impossible to track down. The remains of the Soviet Empire have turned into a Kleptocracy.

 
At 8/30/2005 7:42 AM, Blogger Always On Watch said...

Warren,
And a worm (I can't remember which one) was traced to Turkey and to Morocco. Other hackings have been traced to China.

One of the phishing scams that came my way used Japanese.

 
At 8/30/2005 9:45 PM, Blogger Warren said...

I advise the use of a double acting firewall which not only blocks unwanted incoming probes but also blocks unauthorized "programs" from sending out information.

The worms operate in a different way than phishing attacks, collecting information directly from your computer. Addresses, account numbers, credit card information, social security numbers, passwords, are all gathered then sent to be collected and used.

The safest thing to do is to refrain from storing sensitive information on a computer.

Other things:
If you use a broadband connection and do not have a firewall, your computer is almost certainly infected with some type of problem.

Get a firewall!

If you use Microsoft Windows 95, 98, ME or XP. (I usually use a version of Linux but I do occasionally use ME)

Microsoft's "free" firewall is a piece of junk and if you use the freeware version of Zone Alarm, you, (and your friends), will be infinitely better off.

Do not attempt to run two different software Firewalls on the same computer. The programs will conflict.

You can, however, run your computer behind a hub router with a built in firewall and firewall software on your computer. (That's what I do). Essentially my computer is invisible to probing attacks.

Do not leave your computer on all the time, shut it down if you do not intend to use it. The likelihood of your computer being corrupted by a "worm" is dramatically lessened just by shortening the period of time it is subjected to such attacks.


I saw one of the first phishing attacks about two years ago. A friend forwarded it to me. He didn't have an account at the bank in question and he wondered what was going on.

A pop up window would appear over the actual home page requesting your password and username. I traced the URL of the pop up and it returned a Ukrainian ISP. It required the phisher to actually "hack", the banks homepage.

 
At 8/30/2005 10:11 PM, Blogger Always On Watch said...

Warren,
All good advice here. Thanks!

I learned about conflicting firewall-programs the hard way. Talk about slowing my PC to a snail's pace! One could grow old while waiting for the machine to boot.

A lot of people neglect to disconnect the machine. More good advice. If the machine is off and unplugged (I'm probably paranoid), the machine can't dial itself into an undesirable web site.

I'm still using primitive dial-up; nevertheless, I use a security program. I occasionally get notification that something was intercepted.

 

Post a Comment

<< Home