3 replies to this topic

[Humpty]

Keep getting spam here entitled as being from two of my countries major banks and I don't even bank with them.

These are deleted at my server with a lttle app I use.

Nevertheless still a pain in Rs.

Quote from article:

Home computer users are now the favourite targets of hi-tech criminals, reveals research.

The report by security firm Symantec found that cyber criminals are targeting home PC owners because they are the easiest to catch out.

It saw an 81% rise in phishing messages which attempt to trick people into handing over personal details.

Another study by a banking industry body shows many home users do not take basic steps to stay safe online.

Criminals typically use bogus or booby-trapped e-mail messages to lure people into handing over banking details.

Article

[TonyKlein]

May I suggest everyone submit any phishing email they get to the CastleCops "Phishing Incident Reporting and Termination Squad"?

http://wiki.castlecops.com/PIRT

It only takes a minute, and it really makes a difference.

At present, the following organizations already receive PIRT feeds:

8e6 Technologies, Alice's Registry, Anti-Phishing Working Group, Australian Computer Emergency Response Team (AusCERT), Authentium, Blue Coat, Brand Dimensions, CERT / Software Engineering Institute / Carnegie Mellon University, Compete, Co-Logic, ContentKeeper Technologies, CyberDefender, Cyveillance, EveryDNS, Federal Bureau of Investigation (FBI), Firetrust, For Critical Software Ltd, Fortinet, Forum of Incident Response and Security Teams (FIRST), FraudWatch International, IronPort, Infotex, Internet Crime Complaint Center (IC3), Internet Identity, Intellectual Property Services, Korea Information Security Agency (KISA), Korea Internet Security Center (KrCERT/CC), Laboratoire d'EXpertise en Securite Informatique (LEXSI), Malware Block List, National Cyber- Forensics and Training Alliance (NCFTA), Netcraft, NYSERNet, Okie Island Trading Company, OpenDNS, Rede Nacional de Ensino e Pesquisa (RNP), SonicWALL, Sunbelt-Software, Support Intelligence, SURBL, Symantec, Team Cymru, Thomas Jefferson National Accelerator Facility (JLab), TrustDefender, United Online, United States Computer Emergency Readiness Team (DHS US-CERT), Websense, Webwasher, XBlock

[Eldmannen]

Yeah, I also recieved those phishing email for PayPal, Western Union, and other banks.

<a href="http://123.123.123.123/bank/">http://www.some-bank-website.com/account/login/</a>

It can also use JavaScript to change the statusbar text to make it hide the real address and show another address.

[Mike Rochip]

I fell for a phishing scam one time. It was PayPal and looked very authentic. I did notice the address was wrong however and thought "Hmmm, that's strange. PayPal has a Hometown AOL address ." Being not too bright sometimes I continued on. Lucky thing about being not too bright I also put in the wrong PayPal password which was accepted. This finally clued me in and I stopped.

The thing that really got to me was that PayPal was very helpful and so was NetZero. They both gave me instructions and resources to use and said they would investigate.

Once AOL asked me if I was inquiring about setting up a Hometown AOL account and I said I wasn't, the conversation was over. Nice to know they are so concerned about their service being used for fraud!