Categories
Going Fishing for Data
February 2, 2010
A few days ago the Chicago Tribune reported on the discovery of hundreds of documents containing social securirty numbers, driver license numbers, and other sensitive information lying on a Des Plains street. The discovery is an example of the carelessness nature by which private information is often handled in our modern world. Yet, most of us are provided with the opportunity to carelessly disclose senstive information on a daily basis. This information will not be found floating in the wind on some street or even in plain sight in a trash can. Instead it’s online for millions to be see. Though much has been reported on phishing little has been done to teach the average internet user how to discover whether an email or website is real or fraudulent.
For example let’s review the email below. In red you’ll find tell-tell signs that an email is a phishing attempt along with additional tips & comments in bold red.
After Reviewing the email there are at least six instances where something’s wrong.
For Issues 1 & 2 .The syntax, name of service, and use of English is either completely wrong or off the mark in some way.
For Issues 3 &4 .It should be noted that no legitimate service will ask for your account information be email.
For Issue 5 . This should raise a RED FLAG. Not only should you not give your account information out by email a legitimate service will not ask for any account information for unrelated services.
For Issue 6 . The final flag be the use of incorrect service names. The service is Yahoo/Yahoo Mail, not Yahoo Gateway (which does not exist).
While this email was fairly easy to detect as a phishing scam many are not. Scammers are improving their techniques daily using official looking logos, email designs, and more. Make sure if you click on any URL in an email it takes you to the place you expect.
For more information on phishing visit http://www.microsoft.com/protect/fraud/phishing/symptoms.aspx
Posted by .(JavaScript must be enabled to view this email address) in News