Friday, October 21, 2011

George Mindling Column 1-21-2005 - Phishing

"Phishing" The Newest of Internet Cons

The web scam I received today looked exactly like a real message from Microsoft Support. According to the official Microsoft Logo and header, I was to update my account within 3 days or lose my account with Microsoft. The error was apparently a server or data base failure within Microsoft, and with their apologies, all I had to do was click on the link marked “click on our link” and key in my credit card information. The link actually was a Russian web site I have never used. I know it was a scam because I don’t have an account with Microsoft.

The worst offender, however, is the one I have received three times in the last month. It was a scam perfectly modeled after SunTrust’s logo. The page had the logo from the supposed sender, in this case SunTrust. The message read: “We recently reviewed your account, and suspect that your SunTrust Internet Banking account may have been accessed by an unauthorized third party. Protecting the security of your account and of the SunTrust network is our primary concern.” Again, logging on to the supposed web site took you somewhere else, even though the name looked almost real. I forwarded the SunTrust scams to SunTrust security, as I am sure many others did also, and as of December 21st, the offending web site has been shut down. How did I know it was a scam? I don’t have an account with SunTrust, either!

Do not click on any link you receive in an E-mail unless you specifically requested the information. Even then, use a little common sense. Do not assume that any e-mail is real without checking first, even if it means calling your bank or financial institution by telephone. Remember, they already have ALL of your account information.

An official looking web site is easy to create. Stealing logos and web page layouts is done with a few keystrokes, and they are created with the idea of making you respond without questioning the message. The marvel of electronic communication will be exploited by those who operate without morals or ethics, and without the traditional boundaries of law and jurisdiction, it becomes increasing difficult to maintain control over who has access to your personal computer. Don’t make it easier for the bad guys and gals to get your information. Don’t give away your private information without knowing whom you are dealing with. And why! A request for account information should be a warning flag every time.

Real Internet commerce always uses secure encoding when dealing with a customer data. The key lock symbol or it’s equivalent will highlight on your system tray portion of your screen when working with a secure site. Sending credit card information to a real on line vendor is usually safe and secure. If you initiated the purchase, and you know the vendor, there is no problem.

You wouldn’t give your credit card to a stranger in a store. Don’t do it with your PC!

George Mindling

No comments:

Post a Comment