August 23, 2009
Spelt phishing, but pronounced as above, this despicable act is an effort to batter your bankroll or commandeer your cash.
To put it simply, you can get emails from account administrators, which strongly urge you to update details attached to that account. The issue, though, is the pretence of such mail.
You may not even have such an account as referenced.
It doesn't come from the account provider.
It can use false S.S.L. references, to present an illusion of trust and security.
It can prompt for immediate action on your part, alleging false log-in's by persons unknown, and from countries unknown. If action is not taken, they can impress on you, that the account will be suspended or closed. Indeed, anything likely to work can be fabricated, to get you to the webpage suggested in the link or hyperlink. Note the word "suggested". Likenesses to company logos are used to re-enforce "credibility".
In fact, these phishing attempts actually look pretty good or realistic. So much so that any qualms of guilt or stupidity, experienced by a "conned party" are groundless.
Experience, specific education or forewarning, is all that prevents this type of charade from widening its base of "victims".
The goal is to get you to type in your details, complete with credit card number and the rest can be guessed.
Some damage is also absorbed by the organisation or company being misrepresented and they can do little about it but warn their customers what to watch out for, and issue security instructions. Indeed, it is from accounts at reputable companies that most passing trade learn the correct or most secure procedures. It is therefore important to read any material that they offer.
Generally though, reputable companies with a mind to preserve their integrity will tell you to log-in at their main page and proceed from there. Not through a link specific to your account!
Hyperlinks can mask the true domain that you'll be brought to, with the text linked to www.anydomaindotcom (example, only), a replica or fake page. Only going to secure pages where one believes that "https" will do it, will always help but wholly unreliable. The "s" is an indication of a secure page, but are you at the right domain?
Place your mouse over the link and the domain attached to such a link, should show itself. Viewing the source code is another way but some knowledge of it is necessary.
Another ploy, sometimes deliberate and sometimes "convenient", is inserting a reference to the "legitimate company" anywhere after the domain name. Ex. https://www.anydomaindotcom/ebay/aagle/. Unwary victims may overlook the fact that "ebay" is not the domain, but see it anyway as a directory or file name. Anyone, anywhere can have a file or directory named like that of a company.
To make matters somewhat worse from an "easy to identify" viewpoint, the source code of the link can be represented as an I.P. address rather than its named counterpart. There are some tools that you can use at http://centralops.net/co/ which you can use to type in the I.P. address and cross reference it with the official account domain presented in the e-mail, or web page for that matter. Opening a second window for investigative purposes and re-sizing both to be side by side can be revealing, and comparisons be made between the alleged source and that of the source code.
www.ebay.com can be put in one window and www.suspiciouslyspurious.com can be put in the other. NOTE; you should be checking domains and ignoring everything that comes after the forward slash at the end of the domain. A similar test can be done for email viruses, where suspicious email addresses can be searched for some degree of authenticity.
If you are phished, try to learn as much as possible about it as phishing attempts and email viruses have some aspects in common. Incorrect spelling is one of them. You must understand that the authors can be from anywhere and not necessarily have degrees in English. Legitimate companies can also be from anywhere, with different primary languages, but do perfect their spellings and general grammar.
Attention to upper and lower case can be another giveaway. This is especially true where particular portions of the text are the design of the author, and not just copied and pasted. Typically, these portions are customised to be customer specific in a general sense, and fonts may even be different or out of place. Such "special" additions are to strengthen the sense of urgency and call to action.
Should you be the recipient of "phishy mail", you can forward it to email@example.com
Seamus Dolly and phising samples are at http://www.CountControl.com/phishy.html