|
Piracy/LEGAL/Hackers/SPIES/AI /CRYPTO/Scams & Internet News Anything Related to Piracy, Warez, Legal Matters, Hackers, Internet News & Scams and How it Affects Sites/Members Can Be Read Here. Please do NOT post links to other Sites, but you May Name Them if They are Scam Sites |
IMPORTANT ANNOUNCEMENT |
Hallo to All Members. As you can see we regularly Upgrade our Servers, (Sorry for any Downtime during this). We also have added more Forums to help you with many things and for you to enjoy. We now need you to help us to keep this site up and running. This site works at a loss every month and we appeal to you to donate what you can. If you would like to help us, then please just send a message to any Member of Staff for info on how to do this,,,, & Thank You for Being Members of this site. |
|
LinkBack | Thread Tools | Display Modes |
31-01-14, 03:48 | #1 | |
Official Site Uploader & TECH ADVISOR
Join Date: Aug 2013
Location: Australia
Posts: 8,277
Thanks: 217
Thanked 2,767 Times in 2,104 Posts
|
Can You Smell Something Phishy?
Can You Smell Something Phishy?
Can You Smell a Phish? The latest fad in email scams is spear-phishing: deceptive emails highly targeted and carefully crafted to fool even the best anti-phishing technology. A savvy human being can still spot spear-phish reliably, but it’s getting more difficult as scammers refine their craft. Here’s is a little test you can take to see if you’re smarter than modern phish... Can You Identify Phishing Scams? Websense offers a two-minute challenge called Operation Spear Phish in which you review six real-life emails and decided which are phish and which are not. The test even gives you two clues about each email. The timed aspect of the test precludes “cheating” by consulting others or searching online. One of the phish is obvious: an email from a stranger in Lithuania requesting your help in moving some money. This is the classic Nigerian 419 spam; few geeks fall for it these days, but occasionally the Internet laughs at a lawyer, banker, or other presumably smart professional who does. Other phish in the test require a peek at what’s under the surface of an email. Hovering the cursor over a highlighted word that indicates a clickable link will reveal the underlying URL. Clues in a URL can tip you that something is wrong; for instance, if the URL’s domain is some server in a foreign land but the email is supposedly from a U.S. firm. Some servers are infamous as hosts of scammers; if you know the most popular rogue servers, you can spot them in a hidden URL. Spear Phishing Still other spear phish attempts are just a little bit off in their text. “Dear valued customer” is not how Paypal addresses me; it uses my registered first and last names to assure me that an email is really from Paypal. It's also common for to find awkward English phrasing, poor grammar and spelling mistakes in phishing emails. Getting To Know You Spear phishing is so called because it is highly targeted, often going after a specific individual rather than a broadly defined group or random population. A scammer may know that you, John Doe, bought a plane ticket to Canberra, Australia, on the 19th of last month. Such details tend to lull readers into believing, “Yeah, no scammer could know that, it must be legit.” But they do know. How? Probably because you told them and everyone else on Facebook, Twitter, or some other social media site. “I just bought a ticket to Canberra, Woo-Hoo!” Don’t do that; you never know who may be reading. If you get a social media "friendship" request from someone you've never heard of, be on guard. You even have to look carefully at the link before you click. If you must share your personal business, share it only with real-world friends you can trust. Learn how privacy settings of your social media sites work and adjust them to keep strangers from reading what strangers should not know. Remember that social media sites make more money the more data their users share, so the default privacy settings are probably NOT designed to prevent spear phishing. Hello, Your Name Is... Another source of information for spear phishers is the massive data breaches that are happening all too often lately. The recent breaches of security at Target Corp, Neiman Marcus and other retailers affected tens of millions of people, and revealed not just debit and credit card data, as first reported. The hackers also obtained names, mailing addresses, phone numbers and email addresses for many of those customers affected. So you can imagine how easy it would be for a scammer to craft an email that was addressed to you by name, mentioned some of these personal details, and asked you to click to verify the activity on your credit card. Here's an example: Quote:
To protect yourself against spear phishing, you must pay closer attention to every email even if it's apparently from a trusted source, or a company you regularly deal with. If the email makes an unusual request, such as "verifying" login credentials, it may well be a phish. And remember, the presence of personally identifying details in the email is no guarantee that it is legitimate. Most browsers and email clients will display the URL of a link if you hover your mouse over it. Look for misspelled URLS that won't take you where they suggest they will. For example, faecbook.com is an entirely different domain from facebook.com. Even better, use a bookmark to reach the site in question, or key in the web address by hand. BE ALERT. Look at all the details. If something doesn't seem right, it probably isn't!! |
|
The Following User Says Thank You to jenkins4 For This Useful Post: | FreaknDavid (31-01-14) |
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
|
|