Sunday, February 6, 2011

What does a phishing E-mails look like ?


It is never a good idea to click on any hyperlink in an e-mail, especially from unknown sources. You never know where the link is really going to take you or whether it will activate malicious code. Some hyperlinks can take you to a fake HTML page that will try to scam you into typing sensitive information. If you really want to check out the link, manually retype it into a Web browser.Whenever you are passing sensitive information such as credit cards or bank information, make sure the address bar shows "
https://" rather than just "http://" and that you have a secure lock icon at the bottom right hand corner of your Web browser. You can also double-click the lock to guarantee the third-party SSL certificate that provides the https service. Many types of attacks are not encrypted but copy an encrypted page. Always look to make sure the Web page is truly encrypted.



As the technologies gets better and better, the people behind the phishing scams also become more devious. They now use pop-up windows, official logos, and mock-secure connections copied from actual Web sites.

Picture 1 shows an example of a fishing scam e-mail.

The link in this e-mail, which is suppose to go to eBay, actually goes somewhere else.You can see that this text is actually hiding a link to another site (66.246.90.60), as shown in the close up in Picture 2. And also, the original link text does not have a "https://" secure address, but if a link like this read "https://" you might think it was safe while it could actually be hiding a fake, non-secure URL.

Picture 2



No comments:

Post a Comment

back to top