Phishing Tips

Further to my column in today’s AWSJ Personal Journal on Daniel McNamara, whom I (though certainly not he) have christened the ‘Anti-Phisher King’, here are some tips I asked him to put together on avoiding phishing scams.

User Tips

Standard Phishing Emails

  1. Just remember that NO bank will ever, ever ask you to confirm details via email. If a bank seriously needs you to confirm information, it will require your physical presence or, at the very least, a phone call.
  2. Banks never need you to confirm your password or PIN. They run the systems, and if they ever run into problems with these it’s much simpler for them to scrub the current records and replace them with new ones.
  3. Phishers tend to be pretty unimaginative, using the same wording over and over again. Have a read through some previous phishing emails and you’ll soon spot the common patterns.
  4. There’s also the obvious clue that the bank asking you to confirm your details is not one you actually bank with.
  5. eBay/PayPal scams: just like the banks, these companies never need you to confirm your details. They control the systems, so it’s far easier for them to reset the information than to get the client to verify it.
  6. Remember this simple fact. The emails claim that, due to whatever issue, you need to verify your details. A quick bit of common sense shows that if they’ve screwed up the data they hold, what exactly are they going to verify it against?
  7. The emails always threaten account closure if you don’t comply. If a bank was seriously considering closing your account, it would almost certainly contact you in writing (via good old snail mail) or over the phone.

Job Scams

  1. Remember that these job scams don’t just arrive via email. There have been cases of phishers inserting these jobs into real job sites. The job sites generally do a good job of scrubbing fraudulent listings, but occasionally they will miss one or two.
  2. Job scams are sometimes sent out via broadcast ICQ/MSN messages. If you receive a message from someone you do not know offering you a job, particularly one that offers a large income for very little work, treat it with extreme suspicion.
  3. Any job that offers to make you thousands a week is automatically suspect. No legitimate job (other than that of a CEO) will ever pull in that sort of cash.
  4. The job scams almost always claim to be a European company having trouble doing overseas money transfers. This is ridiculous. Today’s financial systems allow businesses to transfer money anywhere in the world without resorting to wiring services such as Western Union.
  5. A “job” that pays you a percentage kept from a money transfer is not legal from a tax point of view. Remember that in the real world the employer needs to pay the appropriate amount of payroll tax. The way the job scams operate falls entirely outside this.

Trojan Lure Emails

  1. These emails are almost always designed to get an emotional, not rational, response. As such they will claim things like your credit card has been charged, there has been some huge natural disaster or terrorist attack, or some other story designed to make people click on the link out of fear or curiosity.
  2. Some lures pretend to be questions from eBay or PayPal members. Most of the time these emails look slightly out of place.

General Tips

  • Be cynical. Seriously. The way the internet is today, end users no longer have much choice but to treat anything they are presented with on the web or in email as highly suspect until they have enough hard evidence to trust it.
  • Keep your Windows machines up to date. Yes, even if you are on dial-up. The time you spend now could save you a very expensive headache down the road. Make sure you run Windows Update at least once a month.
  • Use anti-virus. It doesn’t really matter which one you use as long as you actually keep it up to date. All current anti-virus systems are simply signature-based checkers and can only catch trojans they already know about.
  • DON’T treat anti-virus and firewalls as the magic bullet for this problem. Despite what many companies will try to sell you, there is NO all-in-one cure for this. There is always a way around firewalls, and there is always some lag between the time a new trojan is released and the time the anti-virus companies update their signatures. Having said this, you should still use these products, because most of the time they will help save you.
  • If you receive an email you’re unsure about, ask the place it is supposedly from, using a phone number or address from your statement or card rather than anything in the message itself. It’s worth double-checking now rather than paying the price in the future.
  • If you come across an email you know to be fraudulent, take steps to inform the bank or company involved. Most major ones have a facility for reporting this now.
  • If you have become embroiled in one of the money-laundering job scams, you need to cease contact with the scammers. Don’t send them emails saying you’ve found them to be a scam, and don’t respond to their inquiries. Then contact your bank’s anti-fraud department. Depending on the level of service of your bank’s helpdesk this may take a little work, but once you get through to the anti-fraud department you should find it is staffed by competent and understanding people who will work with the police in order to track the stolen money. Be aware that this process may result in your account being frozen for a few days while this happens. Better this than potentially being charged with aiding and abetting fraud.
  • If you have been involved in a job scam like the ones we’ve seen to date, do not try to hold onto the money from the “job”. Remember that the money has been stolen from some other person’s account, and you have no more right to it than the scum who stole it in the first place.

17. December 2004 by jeremy
Categories: Phishing

One Comment

  1. These are all excellent suggestions, but there are also some very effective pieces of software that can block nearly all phishing scams. One of them is produced by our company (FraudEliminator). We make a free product that blocks phishing sites using a constantly updated blacklist, as well as artificial intelligence. (Some things we look for are IP addresses in the URL, the presence of financial keywords, and website hosting location.)

    For example, a large percentage of phishing scams are hosted overseas—but most people would never know. When you install our product, you’ll see exactly where each website you view is hosted.

    Hope this doesn’t seem like an advertisement, but the product is completely free. Our main business is providing this data to financial institutions.
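The signs the tips above single out (the scripted “confirm/verify your details” wording, threats of account closure, links that do not go where the text says they go) and the URL heuristics the comment mentions (an IP address in the link, financial pressure wording) can be turned into a small scorer. The following is an added example written for this page; it is not code from the post, from Daniel McNamara, or from FraudEliminator. The three sample messages, the phrase list, and the domain names (bank.example, attacker.example, 192.0.2.10) are constructed, the claimed sender domain is passed in by hand, and the “last two labels” domain reduction is a deliberate simplification that real code would replace with a public suffix list.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Wording the tips single out: demands to confirm or verify details and
# threats of closure. A hypothetical starter list, easy to extend.
PRESSURE_PHRASES = (
    "verify your", "confirm your", "update your",
    "will be closed", "will be suspended", "within 48 hours",
)

# A link host that is a bare dotted-quad rather than a name.
IP_HOST = re.compile(r"^\d{1,3}(?:\.\d{1,3}){3}$")


class LinkExtractor(HTMLParser):
    """Collect (href, visible anchor text) pairs from an HTML mail body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._current = None

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._current = [dict(attrs).get("href") or "", ""]

    def handle_data(self, data):
        if self._current is not None:
            self._current[1] += data

    def handle_endtag(self, tag):
        if tag == "a" and self._current is not None:
            self.links.append(tuple(self._current))
            self._current = None


def registrable_domain(host):
    """Crude reduction to the last two labels: www.bank.example -> bank.example.
    Sufficient for the constructed samples; a public suffix list is the real fix."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def score_message(html, claimed_domain):
    """Return human-readable reasons the message looks like phishing.
    claimed_domain is the registrable domain of the organisation the mail
    claims to be from. An empty list means no heuristic fired."""
    reasons = []
    text = re.sub(r"<[^>]+>", " ", html).lower()
    for phrase in PRESSURE_PHRASES:
        if phrase in text:
            reasons.append(f"pressure/verification wording: '{phrase}'")

    parser = LinkExtractor()
    parser.feed(html)
    for href, anchor in parser.links:
        parsed = urlparse(href)
        host = parsed.hostname or ""
        if not host:  # relative or mailto: links carry no host to judge
            continue
        if IP_HOST.match(host):
            reasons.append(f"link host is a raw IP address: {host}")
        if "@" in parsed.netloc:
            reasons.append(f"link hides its real host behind userinfo: {parsed.netloc}")
        if registrable_domain(host) != claimed_domain:
            reasons.append(f"link goes to {host}, not to {claimed_domain}")
        # The 'obvious clue' in link form: the text shows one URL, the href another.
        shown = re.search(r"https?://([^\s/]+)", anchor)
        if shown and registrable_domain(shown.group(1)) != registrable_domain(host):
            reasons.append(f"displayed URL {shown.group(1)} differs from real target {host}")
    return reasons


# Constructed sample messages (not taken from the page or from any real mail).
LEGIT = ('<p>Your monthly statement is ready. Sign in at '
         '<a href="https://www.bank.example/statements">https://www.bank.example/statements</a>'
         ' to view it.</p>')

PHISH_IP = ('<p>Dear valued customer, due to a system upgrade we need you to '
            '<a href="http://192.0.2.10/bank/login.htm">confirm your account details</a>'
            ' within 48 hours or your account will be suspended.</p>')

PHISH_LOOKALIKE = ('<p>Please <a href="http://www.bank.example.attacker.example/login">'
                   'http://www.bank.example/login</a> to verify your information.</p>')

if __name__ == "__main__":
    for name, msg in (("legit", LEGIT), ("phish_ip", PHISH_IP), ("lookalike", PHISH_LOOKALIKE)):
        print(name, score_message(msg, "bank.example") or ["no heuristic fired"])
```

The legitimate statement notice produces no reasons; the raw-IP message trips the wording, IP-host and wrong-domain checks at once; the lookalike message is caught because the URL shown to the reader and the URL actually linked reduce to different domains. None of this replaces the tips themselves: a scorer like this is a convenience for triage, not the all-in-one cure the post warns against.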