If by any chance a person falls for it then by opening up the link in the mail you will be asked to divulge your personal information like your bank details, credit card number, social security number, your ATM details or even your PIN number etc. once you provide these information on that fraudulent site, you have given away somebody who has a criminal bent of mind and will use your information to dupe you. This is phishing and it is increasing by the day. Some mails and site look so genuine that you are not able to differentiate it from the original and you fall in their trap.

There are many phishing examples; a few of them are listed for you here so that you can make out a phishing site or mail. You might just get a mail from your own bank (this of course will not be your bank, it would be a phishing scam), asking you to update your personal details and it would be mentioned in the mail that it is being done for your own security reasons. It is very easy to copy logos and hence you might get into the trap thinking that the mail is genuine. The page would look exactly like the original page. All you have to understand here is that banks will never send you these kinds of mails because they are aware about phishing. If you get mails like these it is advisable that you don’t follow the instructions of the mail and if it asks you to go on a certain link (the link would come attached to you in your mail), you should never go on the link. All you need to do here is just delete the mail and cross check with your bank personally either by phone or by writing a mail to them.

Another phishing example for you, this talks about your ATM card. You get a mail that due to some on line security theft your ATM card has been blocked. In order to get it activated you need to fill in the attachment that is there as a link. Don’t ever get duped by these kinds of mail. This is a phishing scam for sure. You are advised to first cross check and then take any further step because the moment you fill the attachment, which will ask for your personal details and send it, chances are you will be duped for sure.

Similarly another common phishing example, if you get a mail saying deposit some money in order to collect your prize, which of course is in millions, be sure that this is a phishing scam and delete the mail because they will also want you to first divulge your personal details.

Phishing is a growing menace and now we have lot of anti phishing software available that can detect phishing mails and site, they even block them. You also have to be a bit careful and you will in all probability detect a phishing mail or site. Beware of them; it is your hard earned money, take good care.

Post from: Phishing Scams

Phishing Examples

Phishing is an act of illegally procuring or trying to procure confidential financial information pertaining to Bank account (password) and/or Credit Card related detail of an individual or group of individuals. Phishing is usually done by creating look-alike web sites of Banks and Card issuing companies, where unsuspecting people are requested to enter or share their confidential data, through spam email requests. Historically, the origin of phishing dates back to the year 1995-1996.

The earliest schemes of fishing were executed through bulk mailers sent to general public. However, with the passage of time, phishing techniques or schemes have become more sophisticated and almost impossible to interpret. Modern day phishing schemes target social networking sites to a great extent as people usually share their confidential information in such networks and these details are subsequently used for identity theft related crimes.

Commonly used phishing schemes are through use of manipulated links, forged web addresses and Voice over Internet based phishing. Let us briefly discuss each of these schemes.

Forged Web Links were the oldest phishing schemes. This method used a link directed to a false proxy server or webpage with the intention of capturing the user’s information discreetly. This form of phishing used the electronic footprint technology. Hackers could easily interpret confidential information pertaining to off-guard people, once these manipulative links were clicked upon or were responded to.

A more recent phishing scheme was by way of creating a forged website or email address. Under this technique, a very closely resembled dummy website of the bank or credit card issuing company was created by the scamsters. Customers of such banks were sent out mailers requesting for information around their PIN numbers (which is basically the Identification Codes). Usually these mailers would give a detailed background as to why such information was requested with a view to convince the users. More often than not, these websites were created with meticulous attention to detail and were even beyond the suspicion of very finicky customers.

Phishing schemes are not necessarily restricted to Internet. With the advent of Voice over Internet (or VOIP), telephone phishing have also become widely prevalent.  Automated telephone messages (fake) claiming to be from the Bank is sent to the customers of Bank requesting them to update their PIN and/or Internet Banking passwords. As soon as the customer would have responded to such requests, this information would be transmitted electronically to the phishing networks and manipulated thereafter.

Post from: Phishing Scams

Phishing schemes

A number of wicked persons make use of phishing sites by set them as believable spoof of legal Web sites. They then try to trap you when you visit into these Web sites and reveal your private information, such your credit card number, PAN number etc.

Luckily, there are a number of steps you can take help to protect yourself from these and other types of assaults.

Spoofing attacks are regularly used in combination of the phishing scams. The spoofed site is generally designed to appear like the legal site, even components from the legal site are used in the spoofed site. Check the certificate to confirm whether you are at the spoofed site or not.

The text in the address bar may be wrong that gives you illusion that you are at the legal site. So do not rely on the text in the address bar. There are more than a few ways to get the something other than the site you are on in the address bar.

Submit your private information only after verifying the security certificate issued to a site. Before you submit some private information, make sure that you are definitely on the Web site you mean to be on.

You can do this by examining the yellow lock icon on the status bar in the Internet Explorer. This symbol indicates that the Web site uses encryption to protect any sensitive private information like credit card number, Social Security number and payment details. The lock only becomes visible on sites which uses an SSL (Secure Sockets Layer) connection, which is usually used only on sites where you type sensitive information.

The site employs encryption, if the lock is closed. To show the security certificate for the site, you have to double click on the lock icon. This certificate is verified for the uniqueness of the site.

When you verify the certificate, the name issued should match the site you think you are on. If this name differs, you must be on a spoofed site. If you are not sure whether a certificate is legal, do not enter any private information.  Just depart the Web site.

When new subscribers sign up for MSN services, they can compare the issued domain name (msn.com) to the Web site domain name (also msn.com).

Post from: Phishing Scams

Phishing websites

Reporting of phishing scams is a detailed and well documented process in most countries of the world. Let us understand by what is meant by reporting of such scams.

Notify Banks or Credit Card issuing companies – The first step of reporting a phishing scam is to immediately bring to the notice of banks or credit card issuing companies, about the existence of any suspected mailer. Customers can either walk up to the nearest branch office or where there are phone banking services available, notify the authorities about suspected phishing related mails. Immediately upon receipt of any such complaint, the bank authorities could engage their dedicated anti-fraud sections or issue general notifications towards all its existing customers, not to respond to any suspicious communications over the internet.

Notify Police and/or Economic Offenses group – Most countries of the world today have a special cell within the police department meant for handling economic offenses and/or cyber crimes. Reporting phishing scams to these authorities therefore becomes mandatory, once a person gets to suspect or happens to receive any fraudulent communication asking for confidential financial information through the internet.

Notify the Internet Service Provider – Next in sequence would be reporting to the Internet service provider. Any phishing scam would initially originate from a particular computer and if notification to the service provider is given immediately, means of tracking down the culprit becomes easy and less time consuming. Internet Service Provider has a crucial role to play once phishing scams have been reported as the concerned police department or legal authorities would need to fall back on them for tracking and identifying the source computer. Usually this is done by way of Internet Protocol Address (IP) tracking.

Reporting phishing scam should be considered to be critical by the citizens in same way as reporting of an act of terrorism or act of legally punishable criminal action. Although the above mentioned methods are the major reporting types, an individual can report phishing scams in means other than above as well.

Post from: Phishing Scams

Report Phishing scam

Post from: Phishing Scams

Bank of America Phishing Email

Phishing is giving sleepless nights to many. It is a form of identity theft where in you get fraud mails or you are advised to visit fraudulent sites and if you get in there trap they will try to extract your personal details that might include your credit card details or your banking details. It can prove to be very dangerous and leave you sulking for a lifetime.

Microsoft phishing filter is a powerful security program designed to help consumers and businesses in protecting against fraud websites and data/identity theft. This phishing filter blocks more than one million to visit known phishing sites every week. This filter helps to protect more than two hundred million users of windows Internet explorer around the world.

If your computer is running on Microsoft Windows XP you can install this filter created by Microsoft. This will prevent all kinds of identity thefts. You can install Microsoft phishing filter if your system supports Windows XP (Home or Professional edition). There is no specific hardware compatibility required for installing Microsoft’s phishing filter. It requires Windows XP and has course an Internet connection.

Once you have installed this phishing filter provided by Microsoft you would like to know a little bit about its functioning. The Microsoft phishing filter works in the back ground while you are on the Internet. Microsoft phishing filter uses three different methods to monitor you and your system from fraud mails and fraudulent web sites.

First is the neutral mode. It indicates that Microsoft phishing filter is running on your computer. The second mode is the blocking method. Any fraud web site that you come across on the Internet, this filter will flash a message saying the site has been blocked for your safety. The third mode is the warning mode that your filter gives you. It does a lot of scanning and if doubtful sites are detected you get a warning and you can navigate out of the site.

With a brand name like Microsoft behind it, Microsoft phishing filters need no further certification of reliability. You don’t have to say it the second time. The moment you are made aware of Microsoft phishing filter you are almost ready to say that you will go for it. If you are one of those hard ones to crack all you need is do a bit of research on phishing filters and in no time you will zero in on Microsoft phishing filter.

Once this filter is in place you will automatically start relaxing because you now know that fraud with you, as far as phishing is concerned, cannot happen because Microsoft phishing filter is there to protect you and your identity.

Post from: Phishing Scams

What is a Microsoft Phishing Filter?

What are the steps that can be taken to prevent us from being a victim of twitter phishing?

• The latest versions of the browsers (mostly) have the built in anti – phishing features but the sad thing about it is that most of the users disable such features as this anti – phishing features reduces the performance and the browsing the twitter also becomes a slower process. It is important to enable the anti – phishing twitter features. This point is also given in the guidelines which help to prevent being a victim of twitter phishing.

  Another reason why the phishers love Twitter is that because Twitter likes the mysterious things such as short URLs. Twitter will be unable to share anything when the tweets are short without the URL. There are short URLs which are so common in twitter and no one seems to question the existence.

• The short URLs can be killed when you see it or you can find it through their length and this will protect yourself from the phishing attacks is another advice provided by the twitter experts. In order to kill short URLs the twitters use the third party applications (for instance, long URL). When you see the short URLs twitters can find where the links will lead them to. Some of them will look very suspicious and you should avoid clicking on it.

“Phishers use twitter” is not a new thing. The security personnel tell that the security community expects the phishing in twitter as the time period where the social networks which are used as a launch pad which can be used against phishing attack. Most of the twitter phishing happens when we message from social networking sites. So many of the phishing attacks still take place because it is hard to find the network and even if it is found the network is common.

Post from: Phishing Scams

Twitter Phishing

Phishing is the fast rising warning on the Internet and a unique way of stealing. It is mainly concerned with the technologically advanced cheating by means of phony Web sites with the purpose to steal precious private information such as user names, passwords, credit card numbers, and Social Security numbers.

Phishing Filter, is an original security characteristic especially designed to vigorously inform users if they visit a phishing site.

Phishing Filter is a special characteristic of Internet Explorer. Phishing Filter assists us in checking phishing Web sites. At any time a user visits a Web site, Phishing Filter contrasts the address of the Web site with a list of lawful sites accounts to Microsoft. This list is stored on the computer of user. Additionally, it also helps the user to examine a site whether it is a phishing Web site or not. If it believes that it is not a phishing site then it sends the Web site address to Microsoft with the user’s permission for extra scrutiny against a regularly modified list of reported phishing Web sites. If the address is displayed in reported phishing Web sites list then the Internet Explorer gives a caution. According to this information the user decides to continue or to close the page. If the Web site includes features familiar to a phishing site but is not found on the list, Internet Explorer alerts a message in the Address bar that it may be a phishing Web site.

Phishing Filter does not verify each URL on the Microsoft server. It sends only those which are not present on the recognized list of okay sites or those that come into view through doubtful based on heuristics. If any URL is checked on the Microsoft server, initial URL is exposed to the path to help in removal of personal information, and then the left over URL is sent on a safe SSL connection.  The communication is done asynchronously with the Microsoft server so that there is no bad effect on your browsing.

If your website is revealing as doubtful or blocked, you can click on the red or yellow warning in the Security Status Bar and click on the connection to send feedback about the error. You can fill the essential information on the feedback page and appeal to have your website re-examined.  After that it is re-examined by the Phishing Filter team. Based on the reexamination the site will either be removed from the list or left as it is.

Post from: Phishing Scams

Phishing Filter

What we know and what we acquire is a waste if it is not executed in the right manner. We need to be aware of the threats that phishing causes. In order to tackle phishing related dangers we need to give concise and precise training to as many people as we can. If it is an organization we need to train everybody how to prevent phishing, or going a step further if your employees are able to detect phishing mails or sites or contents than your anti phishing training program has really been a success.

Those of you using Internet at home should also do a research on anti phishing training. This will enable you to use Internet in a more secure and safe manner. We all are aware about the damages phishing can cause to us; some of us have already been victims of phishing. So, how will you avoid phishing in future? Sitting at home you can acquire anti phishing training. A lot of training material is available on the net. All you have to understand is that anti phishing training is a must.

In anti phishing training program the basic content would be as follows: If a message or a mail comes to you asking for personal or financial details, never reply or click on any links on that mail/content. A few smart hackers would probably try to lure you by providing a telephone number (mentioning telephone number gives credibility), don’t trust them either. It could well be part of the scam as they are able update the account information, if give them a call. It is advisable to use or install anti virus and anti spy ware software along with a firewall. This should be updated on a regular basis. Never ever mail your personal and financial details to people not known to you. Keep a tab on your credit card statements; you should know what you have purchased or else it has to be a scam. In case you are an employee and you see sign of phishing you should immediately report it to the concerned authority in order to minimize the damage.

If you are an individual or if you work as an employee the above mentioned anti phishing training methods should give you enough information and ammunition to tackle the phishing menace. All you have to do is follow the anti phishing training programme and you will see that you can be more secure and prepared, chances are you will never fall for it.

Post from: Phishing Scams

Anti Phishing Training

Spam is irritating, annoying, disturbing and can create problems to our networks. But phishing is actually devastating. It can cause and inflict irreparable damages. Phishing is the formation of e-mail messages and web pages that are duplicated in such a way it seems like an original and asks users to divulge their passwords, credit card details, other personal information, etc. It is a great menace for Internet users. This is how we come to this phrase, anti phishing solutions.

Anti phishing solutions are very important for us if we are Internet users. It has become such a problem that anti phishing working group has been formed. They develop acceptable solution to e-mail phishing scams. This organization comprises of financial institutions, e-commerce providers, ISPs and web e-mail services and software vendors. They provide technology, resources, expertise and vision, in short they provide anti phishing solutions.

The anti phishing working group has developed a web site namely, Antiphishing.org which provides assistance to those who are looking for anti phishing solutions.

The best way to avoid phishing is to make an effort that includes prevention, detection and education to as many people as possible. If anti phishing solution has to be effective then we must remember and understand a few things. One should prefer using existing standard based technology. End user training is not a solution. Unilateral deployment must add value for anti phishing solution. Last but not the least it must be cost effective for senders, recipients and Internet service providers.

Three possible technological anti phishing solution are: to verify the sender’s e- mail server use enhanced DNS capabilities. Users visiting the business web site should doubly authenticate themselves. And finally use S/MIME digital signatures to sign mails that you are sending.

Another anti phishing solution for companies and financial institutions are to know when phishing attack has been started or launched. Prevention is better than cure, as they say, it allows to minimize the damage. Banking sites, most vulnerable for phishing, once they are aware of the threat or attack they disable access to their service till the time the attack has been contained or disabled.

Commercial services are now available that monitor the domain name service for phishing threats. They act in a more pro-active way by informing about the potentially threatening new domain names.

Some more anti phishing solutions that are useful are: Have strong website authentication, get mail server authenticated, send digitally signed e-mail with desktop verification and digitally signed e-mail with gateway verification is very helpful. These are some of the important anti phishing solutions

You can also get Finjan secure web gateway. They provide organizations with a united web security system. Each and every incoming and outgoing web content is analyzed very minutely and phishing websites are blocked immediately. This is another important and accessible anti phishing solution. Therefore after finding solutions to your phishing problems you can relax and use the Internet freely.

Post from: Phishing Scams

Anti Phishing Solution