Dear Agnitum newsletter subscriber,
Starting with the present newsletter, we have decided to publish monthly articles outlining the current security situation in the computer world, focusing on crucial issues and on ways to improve the security stance of your computer. These materials will be written in clear, comprehensible language, especially to educate readers on recent trends and events that we consider worthy of attention, and will also provide opinions, advice, and experts’ recommendations to enhance the protection of your PC data.
In today’s article, we’ll focus on the topic of phishing, a quickly growing threat on the Internet.
Phishing Attacks Through People You Trust
Overview of the situation
Suppose you get an email from a bank asking you to reconfirm or resubmit your account details and providing you with quick and easy directions on how to do it. Chances are you’re the target of a phishing scam.
In this type of online fraud, the perpetrators send bulk emails to thousands of people in the hope of retrieving confidential information from a percentage of the recipients (just like in fishing with an “f”, where a fisherman throws a baited hook and waits for a fish to take a bite). The email messages are made to look like plausible communications from legitimate or well-known organizations asking for some personal input. Those messages contain distress appeals for immediate action, are often written in sloppy language, and give only a limited time to address the supposed issue.
A link in the e-mail message directs its recipient to a spoofed Web page asking for sensitive information. The page looks genuine, because it is easy to fake a valid Web site. Any HTML page on the Web can be copied and modified to suit the phishing scheme.
It’s no wonder people get hooked with this scam and divulge secret financial or personal data to fraudsters.
The menace of phishing
In a typical phishing scenario, a person receives an email appearing to have come from a bank, Internet Service Provider (ISP), brokerage, medical or social institution (or another well-known entity not necessarily associated with the receiver) asking the recipient to re-supply some important details that, according to the email, have been lost or compromised. A warning that failure to promptly fix whatever problem is mentioned will result in dire consequences for that person is used as a social engineering tactic to trigger a quick, “dictated” response. As a resolution to the “problem”, the fraudulent email offers a handy web link for submitting the data necessary to remedy the situation. Of course, the link is bogus: instead of taking the person to an authentic website such as www.citi.com, it takes him/her to some clandestine destination (like http://citi.secure-payment.com) where the entered information is misappropriated to commit identity theft. Hence, the “phished” data could be used to steal the person’s money, credit card details, or other valuable data. Because phishing uses impersonation to imitate a well-known legitimate organization, it is also referred to as “brand spoofing”.
According to Gartner Group, which specializes in monitoring web trends, an estimated one in five Americans were the target of “phishing” attacks in the past year. Fifty-seven million consumers in the United States have definitely received, or suspect having received, a phishing e-mail. U.S. banks and credit card issuers report that phishing cases cost them roughly $1.2 billion last year.
While these statistics may sound daunting, if you simply take a few necessary precautions and learn to recognize phishing, you’ll have nothing to worry about.
Handling phishing
First off, if you receive a letter with the above characteristics from an organization you don’t have any ties to, you don’t need to look into it any further – simply delete it. It is definitely phishing. You may consider reporting such a case to the appropriate authorities using the contact details given at the end of this document. Going further, if you receive an email asking for your secret data from an organization you have an ongoing relationship with, or had ties with in the past, still be suspicious. Better safe than sorry. Only rarely would a legitimate organization seek resubmission of its clients’ passwords, account credentials, or other critical information, because it can always restore that information from its own backup records. The smart thing to do in this case is to contact the company on whose behalf you’ve received that solicitation, but do this using publicly available contact details. You may also go to its website and find the relevant information there, using the website address printed on legal documents you may have received from them. If the company really needed your cooperation in providing or resubmitting personal information, the relevant details of the situation would be easy to find on its official website. For advanced users familiar with the structure of the Web, the following tips may be helpful, but the general “rule of thumb” still applies to everyone: “Never click on links contained in emails asking you to provide sensitive information”.
Spoof recognition tips for advanced users
Study the structure of an email: most modern email clients are able to display not only the visible part of a web link (e.g. “www.citibank.com”), but also the actual destination hidden in the HTML code beneath that text, which is where a person would really be led (e.g. http://192.193.195.132). Be careful if you spot any of the following particularities:
- The link points to a numeric IP address rather than the written address of the issuer, e.g. http://192.168.5.4/. In that case, use a simple whois search, for example: http://www.networksolutions.com/en_US/whois/
- A completely different domain, e.g. http://www.clickme.com/, instead of a trustworthy address such as http://www.paypal.com
- The substitution of a letter in a weblink, e.g. http://www.micros0ft.com, where the letter “o” is substituted with “zero”
- A plausible-sounding but fake domain, e.g. https://www.verify.citibankonlineoperations.com
- An address with a username that looks like a domain name, e.g. http://www.sony.com@www.nevertrustphishing.com
- An address that uses wildcard DNS record characters to disguise the domain name, such as the following: http://www.washingtonmutual.com|mhtml:mid://00000127/!cid:031401Mfdab4$3f3dL780$73387018@57W81fa70Re
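The six particularities above can be checked mechanically. The following Python script is an added example written for this newsletter’s readers; it is not part of the original article and not a product of Agnitum. It compares the text a mail shows for a link with the real destination in the HTML and reports which of the tricks it recognises. The brand list, the digit-to-letter table and the sample links are constructed for the example, and the “registrable domain” helper is deliberately simplified (it takes the last two labels and does not consult a public-suffix list).

```python
import ipaddress
from urllib.parse import urlsplit

# Brands whose lookalikes we want to catch.  Constructed list for the example.
KNOWN_BRANDS = {"paypal.com", "citibank.com", "microsoft.com", "sony.com"}

# Digits commonly swapped for letters ("micros0ft").  Constructed table.
_HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def registrable_domain(host):
    """Return the last two labels of a host name ('www.paypal.com' -> 'paypal.com').
    Simplified on purpose: a real checker would consult the public-suffix list."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def analyze_link(visible_text, href):
    """Compare the text shown for a link with the destination hidden in the HTML
    and return a list of suspicious particularities found (empty list = none)."""
    findings = []

    # Non-HTTP schemes (mhtml:, mid:) or a '|' after a plausible host hide the
    # real target; urlsplit cannot be trusted on such strings, so stop here.
    if not href.lower().startswith(("http://", "https://")) or "|" in href:
        findings.append("unusual scheme or '|' delimiter hides the real destination")
        return findings

    parts = urlsplit(href)
    host = (parts.hostname or "").lower()

    # user@host trick: everything before '@' is a user name, not the site.
    if parts.username:
        findings.append("text before '@' (%s) is a user name; real host is %s"
                        % (parts.username, host))

    # Raw IP address instead of the issuer's written name.
    try:
        ipaddress.ip_address(host)
        findings.append("link points at raw IP address %s" % host)
    except ValueError:
        pass

    domain = registrable_domain(host)

    # Letter/digit substitution: normalising digits yields a known brand.
    normalised = domain.translate(_HOMOGLYPHS)
    if normalised in KNOWN_BRANDS and domain != normalised:
        findings.append("'%s' looks like '%s' with substituted characters"
                        % (domain, normalised))

    # Brand name embedded in a plausible-sounding but unrelated domain
    # (a heuristic: 'sony' inside 'personyard.com' would also trigger it).
    for brand in sorted(KNOWN_BRANDS):
        name = brand.split(".")[0]
        if name in host and domain != brand:
            findings.append("'%s' is not the %s domain despite the name" % (domain, brand))

    # Visible text names one site while the HTML link goes to another.
    shown = visible_text.lower().strip().rstrip("/")
    if "." in shown:
        shown_url = shown if "://" in shown else "http://" + shown
        shown_host = urlsplit(shown_url).hostname or ""
        if shown_host and registrable_domain(shown_host) != domain:
            findings.append("shown text '%s' does not match real domain '%s'"
                            % (visible_text, domain))

    return findings


if __name__ == "__main__":
    # Constructed (visible text, href) pairs mirroring the tips above.
    samples = [
        ("www.citibank.com", "http://192.193.195.132/login"),
        ("www.paypal.com", "http://www.clickme.com/"),
        ("www.micros0ft.com", "http://www.micros0ft.com"),
        ("Citibank Online", "https://www.verify.citibankonlineoperations.com"),
        ("www.sony.com", "http://www.sony.com@www.nevertrustphishing.com"),
        ("www.washingtonmutual.com", "http://www.washingtonmutual.com|mhtml:mid://example/"),
        ("www.paypal.com", "https://www.paypal.com/"),
    ]
    for shown, link in samples:
        print(shown, "->", link)
        for finding in analyze_link(shown, link) or ["no findings"]:
            print("   ", finding)
```

Only the last sample comes back clean; every other pair produces at least one finding, which is the point: none of these tricks survives a comparison between what the mail shows and where the link really goes.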
Safe online transaction tips
- Never click on links contained in suspected “phished” emails. Refer to the above material to learn how to recognize and handle phishing. Never download any software advertised in those emails.
- Obtain the latest version of your web browser. The Opera 8 browser has a built-in capability to detect and warn of probable phishing.
- If you need to supply sensitive information online, remember to type in the address of the website manually, with your keystrokes in the browser address field. Do not copy it from suspicious sources. You may also use your browser’s bookmarked links to access those sites.
- Install one of the programs listed toward the end of this document to safeguard yourself from phishing and spoofing scams.
- When you’ve arrived at the site you’re going to supply sensitive information to, look at the account login page and see whether a padlock icon is displayed in the status bar at the bottom of your browser (as in Internet Explorer or Firefox). That padlock icon signifies that the site has been granted a security certificate and that it uses data encryption to protect the transaction. Click on that padlock icon and check the certificate information. Make sure that the certificate was issued to the web address currently displayed in your browser’s address bar and that it has not expired.
- Seriously consider getting anti-phishing and anti-spoofing software. You may use the following programs to help protect you from phishing:
- Opera browser with built-in phishing protection (free with ads, paid without ads; available here: http://www.opera.com/download/get.pl?id=26712)
- Deepnet Explorer browser with built-in phishing protection (free; available here: http://deepnetexplorer.com/DOWNLOAD/DE1410.EXE)
- EarthLink toolbar (free; available here: http://csupdate.earthlink.net/win/toolbar/EarthLinkToolbar.exe)
- FraudEliminator toolbar (free; available here: http://www.fraudeliminator.com/download.htm)
- SpoofStick toolbar (free; available here: http://www.corestreet.com/spoofstick)
- Clear Search Anti-Phishing (commercial; available here: http://www.phishing.net)
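The padlock check in the list above (certificate issued to the address shown in the browser, and not expired) is what a browser performs before it draws the icon. The following Python code is an added illustration of that check, not part of the original newsletter and not Agnitum’s software. It works on the dictionary shape that Python’s `ssl` module returns from `getpeercert()`; the two certificates below are constructed for the example, as are the host names `www.example-bank.test` and `www.secure-payment.test`. `fetch_peer_cert` shows how the same dictionary would be obtained from a live site, but it is not called here so that the example runs offline.

```python
import socket
import ssl
import time


def fetch_peer_cert(host, port=443):
    """Obtain the server certificate of a live site as a getpeercert() dict.
    Not called in this offline example; the default context already verifies
    the chain and the host name, so a mismatch raises ssl.SSLCertVerificationError."""
    context = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=10) as sock:
        with context.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()


def certificate_names(cert):
    """Host names a certificate is valid for: DNS entries of subjectAltName,
    falling back to the subject commonName only when no SAN is present."""
    names = [value for kind, value in cert.get("subjectAltName", ()) if kind == "DNS"]
    if not names:
        for rdn in cert.get("subject", ()):
            for key, value in rdn:
                if key == "commonName":
                    names.append(value)
    return names


def name_matches(pattern, hostname):
    """Exact match, or a single '*' wildcard covering exactly one leftmost label."""
    pattern, hostname = pattern.lower(), hostname.lower()
    if pattern == hostname:
        return True
    if pattern.startswith("*."):
        suffix = pattern[1:]                       # ".example-bank.test"
        if not hostname.endswith(suffix):
            return False
        leftmost = hostname[:-len(suffix)]
        return leftmost != "" and "." not in leftmost
    return False


def check_certificate(cert, shown_hostname, now=None):
    """Return (ok, reasons): ok is True only when the certificate names the host
    shown in the address bar and is inside its validity period at time `now`."""
    now = time.time() if now is None else now
    reasons = []
    names = certificate_names(cert)
    if not any(name_matches(n, shown_hostname) for n in names):
        reasons.append("certificate issued to %s, not to %s"
                       % (", ".join(names) or "<no name>", shown_hostname))
    if "notAfter" not in cert or ssl.cert_time_to_seconds(cert["notAfter"]) < now:
        reasons.append("certificate has expired or carries no expiry date")
    if "notBefore" in cert and ssl.cert_time_to_seconds(cert["notBefore"]) > now:
        reasons.append("certificate is not yet valid")
    return (not reasons, reasons)


# Constructed certificates in getpeercert() layout (not real sites).
BANK_CERT = {
    "subject": ((("commonName", "www.example-bank.test"),),),
    "subjectAltName": (("DNS", "www.example-bank.test"), ("DNS", "*.example-bank.test")),
    "notBefore": "Jan  1 00:00:00 2019 GMT",
    "notAfter": "Dec 31 23:59:59 2030 GMT",
}
EXPIRED_BANK_CERT = dict(BANK_CERT, notAfter="Dec 31 23:59:59 2004 GMT")

# Fixed "current time" so the example gives the same answer every day.
NOW = ssl.cert_time_to_seconds("Jan  1 00:00:00 2020 GMT")

if __name__ == "__main__":
    for label, cert, shown in [
        ("genuine bank page", BANK_CERT, "www.example-bank.test"),
        ("lookalike address", BANK_CERT, "www.secure-payment.test"),
        ("expired certificate", EXPIRED_BANK_CERT, "www.example-bank.test"),
    ]:
        ok, reasons = check_certificate(cert, shown, now=NOW)
        print(label, "->", "OK" if ok else "; ".join(reasons))
```

Two details matter in practice: the names are taken from subjectAltName first (the commonName is only a fallback), and a wildcard covers exactly one label, so `*.example-bank.test` does not make `example-bank.test` itself or `a.b.example-bank.test` valid.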
Authorities to report phishing to