Facebook has initiated working with Online security firm Websense to protect users from Phishing by adding a phishing safety net.
Next week you will be met by this safety pop-up if you are heading for a potentially dangerous website:
Facebook is a likely target for scammers and often people click on links supposedly posted by friends. The target is to gain access to passwords.
Source: BBC News
Are you also tired of the endless amounts of trickery and online scams. Perhaps it’s time to fight back?
Here are some addresses you can forward such emails to. Also included are bank, and business addresses for reporting phishing and scam emails.
US CERT (US Computer Emergency Response Team) phishing-report@us-cert.gov
Federal Trade Commission spam@uce.gov
EarthLink Fraud fraud@abuse.earthlink.net
Anti-Phishing Working Group reportphishing@antiphishing.org
Fraud Watch International fraudwatch@fraudwatchinternational.com
Phish Tank phish@phishtank.com
Chase Bank abuse@chase.com
Zenith Bank ebusiness@zenithbank.com
Oceanic Bank customercare@oceanicbank.com
Abbey National Bank customerservices@abbey.com
Union Bank PLC customerservice@unionbankng.com
Lloyds TSB Banking emailscams@lloydstsb.co.uk
South Western Federal Credit Union contactus@swfcu.org
Federal Express abuse@fedex.com
DHL Express Fraud.alert@dhl.com
Wells Fargo reportphish@wellsfargo.com
Publishers Clearing House PCHabuse@pch.com
Capitol One abuse@capitalone.com
Pay Pal spoof@paypal.com
Bank of America abuse@bankofamerica.com
USAA Bank abuse@usaa.com
HSBC Bank usphishing@us.hsbc.com
NatWest Bank phishing@natwest.com
If you want to fight the sleezy scum of internet frauds you can join the phish-fighting community at Phishtank, a site where anyone can submit, verify, track and share phishing data. More at www.phishtank.com.
Until next time 
Peter – Your Online Security Guide
AdAware Total Security
It’s really easy to research information about people nowadays. With a click of a button, one can where the person works, plays, his/her hobbies, likes, and of course, friends. And the turnaround time for getting the information counts less than a second.
In the belief that information at hand is information that can be lost, I learned to separate bits and pieces of and about me that can be shared. Knowing that identity theft has absolute repercussions that may paralyze a person’s life, I immediately rummaged around for a software that can protect my information.
The Ad-Aware Total Security is a wholistic approach to online security. It protects the system against intruders that thrive and comb information from your root system to your online activities. It lets the user go online without thinking twice about security, as it blocks information threats and removes them at once.
What you can get from Ad-Aware:
Safe, Sound, and Secure. It has a state-of-the-art malware and spyware protection that effectively blocks hackers, viruses, rootkits, hacker, malware, and spyware. It also lets you monitor your child’s online activity and prevent access to dangerous sites.
Economical . The Ad-Aware Total Security saves money as it combines the essential functions in online protection offered in separate programs. It lets you maximize your space, time and money, that acquiring and installing individual programs produce.
Peace of Mind. It continually protects your system from possible intruders and identity thieves. You can surf, transact, and visit social networking sites worry-free, leaving you with total enjoyment in your tasks. It also optimizes your PC’s health with its tuning features, making your computer maintenance hassle-free.
For a family man, protection for my family has always been my number one priority. And by these benefits, being online-secure gives me a step towards a healthy family life.
For further information on the product, please visit Ad-Aware Security and Total Real-time Solution Software.
Did you get an email from Centers for Disease Control and Prevention [alerts@cdcmailsystem.gov], then DO NOT respond or click any links.
This is a fake message trying to get you to give up personal information that will be used for illegal purposes.
I have received several of these the last few days with slightly different wordings, title and sender information. In any regard you can be sure that CDC or other government organizations will not email you about information like this. An easy way to see where the link goes in messages like this is to hold your mouse over the image. As you can see on the image of the email I have enclosed here it goes to a website on Isle of Man.
Until next time – Stay Safe!
Peter – Your Online Security Guide
Microsoft has confirmed that thousands of hotmail passwords has leaked on the internet.
Microsoft claim that the company hasn’t been hacked, but the information was retrieved by the hackers by phishing. It is rumored that over 10,000 accounts has been hacked. Hotmail has over 400 million registered accounts.
If you own a hotmail account you should head over there urgently and change your login information.
This morning I received an email looking like it was sent my Microsoft alerting me about a critical update for Microsoft Outlook. The Microsoft updates are normally automatic so I got suspicious.
Hovering my mouse over the link my suspicion was confirmed. It’s an advanced phishing attempt to lure information from the recipients of this email.
Phishing Attempt - Click for larger image
If you would proceed downloading this code it will NOT update your Outlook software, but instead install malicious code on your computer.
The so called Trojan that’s installed is created to gather sensitive personal information, log in names and passwords. The trojan will watch you visit major banks, facebook accounts, Myspace and Youtube.
Never click on links in emails that you aren’t familiar with. You can read more about Phisihing here.
Keep safe!
Peter – Your Online Security Guide
What is Phishing, how to protect yourself against Phishing and examples of Phishing.
Phishing is the use of fraudulent e-mails and Web sites to lure consumers into sharing personal and financial information. According to the most recent data from the Anti-Phishing Working Group, there were 1,125 unique attacks in April — a 180 percent increase over March (statistics from 2004). Since then it has only been growing.
Criminals are sending out millions of “urgent” e-mails trying to get unsuspecting consumers to divulge personal information such as their Social Security numbers or the passwords for their online accounts.
Some tell consumers the federal insurance on their savings accounts will be canceled unless they immediately update their personal details. Others claim to be from Internet service providers redoing their billing lists and others say something has gone wrong with a credit card transaction and that additional information is needed or the card will be canceled.
Identity theft is not only done online. In fact the majority is done offline. Only 14% of cases are based online. So although many con artist do this at cyberspace, it can also do damage in the real world. By stealing Id’s, Credit cards and checking accounts they can access into your finances.
GT got her car broken into by thieves. They broke the window of her car and got her purse and some other valuable things. She expected that her credit cards would be used for some unauthorized purchase.
After a few days her bank called trying to verify a large purchase made on her credit card. Not just that, she also got charged for a maternity bill when she wasn’t even pregnant.
“They used my checking account and credit cards before I had a chance to cancel them”, says GT, a PR executive from San Francisco. A few months later she found out that they had also opened a new checking account in her name.
That one incident made her to go in debt and she couldn’t even use the account. This can be frightening to consumers who have credit cards and checking accounts. Someone can just steal your identity.
Now I am more careful and observant, says GT who has just only recently recovered from the financial mess that she encountered.
Majority of the people believe that Identity theft could only do damage when credit cards are used for online purchases. Well they are definitely wrong. A stolen wallet or bag would create a worse scenario.
For the one out of three identity theft victims who knows how their information was taken, more than 75 percent said it involved a physical method such as a stolen wallet, a phone or mail-order sale, stolen mail, or a theft by someone they knew, compared with 14 percent who reported that it involved online access.
What is Vishing
The Wikipedia definition of Vishing:
“Vishing is the criminal practice of using social engineering and Voice over IP (VoIP) to gain access to private personal and financial information from the public for the purpose of financial reward.
The term is a combination of “voice” and phishing. Vishing exploits the public’s trust in landline telephone services, which have traditionally terminated in physical locations which are known to the telephone company, and associated with a bill-payer.
The victim is often unaware that VoIP allows for caller ID spoofing, inexpensive, complex automated systems and anonymity for the bill-payer. Vishing is typically used to steal credit card numbers or other information used in identity theft schemes from individuals.
Vishing is very hard for legal authorities to monitor or trace. To protect themselves, consumers are advised to be highly suspicious when receiving messages directing them to call and provide credit card or bank numbers.
Rather than provide any information, the consumer is advised to contact their bank or credit card company directly to verify the validity of the message.”
Stay tuned for the second part in this series on what to do to protect yourself against vishing, phishing and similar threats.
Until next time
Peter – Your Online Security Guide
A while back we published an article on what’s phishing?
The official Google blog has now published a few tips on how to avoid phishing attempts on your computer.
In summary:
- Don’t reply to or click on links in emails that ask for personal, financial, or account information.
- Check the message headers. The From: address and the Return-path should reference the same source.
- Instead of clicking the links in emails, go to the websites directly by typing the web address into your browser, cut and paste or use bookmarks.
- If on a secure page, look for “https” at the begging of the URL and the padlock icon in the browser.
- Keep your computer’s antivirus, spyware, browser, and security patches up to date and regularly run system scans.
- Review your accounts regularly and check for unauthorized activity.
- Use a browser that has a phishing filter (Firefox, Internet Explorer, or Opera).
Read the Google article on Phishing here
For Anti Phishing PC Protection
Until next time
Peter – Your Anti Phishing Guide
      |
