How to Combat Phishing?

In light of the recent phishing attacks on local banks, it is of critical importance that consumers learn how to combat phishing – a form of identity theft in which a fraudster uses an authentic-looking email and website to trick recipients into giving out sensitive personal information.

Given the rapidly evolving nature of phishing and other fraud activities, RSA Security recommends that consumers not just explore short-term solutions to tackle phishing but take on long-term proactive measures to battle online fraud.

Tips for Consumers

1. Do not open emails and attachments from senders you do not recognize.

2. Log in proactively to the bank website by typing the URL of the bank website yourself, not by clicking on the link in an email you have received.

3. Check online banking statements frequently. The faster a consumer knows that something is not right in their bank account, the easier it is to do something about it.

4. Consumers who receive phishing emails should report them to their bank, or to the bank under attack. Many banks have an anti-phishing service in place and they will take action against the fraudsters, but they first need to know about the attack.

5. Change passwords regularly and frequently.

6. Make sure your computer is protected by up-to-date anti-virus and anti-spyware programs. Consumers can also look at using an anti-phishing toolbar that several organizations are offering today for free.

7. Find out what kind of security measures your bank is taking to protect you.

Online fraudsters are constantly developing new phishing techniques in response to increasingly aggressive moves to identify and shut down phishing sites.

One fairly new type of attack, known as a Smart Redirection Attack, is designed to ensure that potential phishing victims always link to a live website. So far at least two attacks on two different banks – one based in the UK and the other in Canada – have been detected.

For a Smart Redirection Attack, the fraudster creates a number of similar phishing websites based at different locations. All of the emails received by consumers contain URLs that direct the victim to an IP address that hosts the ‘smart redirector’. When the potential victim clicks on the link, the ‘redirector’ checks all related phishing websites, identifies which sites are still live, and invisibly redirects the user to one of them.

Fraudsters are aware that once a user identifies the site as fraudulent, s/he will report the site’s address, and there’s a good chance that someone will shut it down. If the fraudster has used a single address for an entire batch of emails, the entire mailing list directed to that site would be wasted. However, sending the redirector address (hidden from the consumer) ensures that the consumer will always reach a live site.
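For a bank's anti-phishing team, the consequence is that the address in the email and the site the victim lands on are different hosts, and both need to be reported. The Python sketch below is an added example, not part of the original article: it assumes a constructed list of (emailed URL, final URL) pairs gathered by following reported links, and flags any emailed host that leads to several different landing hosts.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample data: (entry URL taken from a reported email,
# final URL reached after following redirects). Hosts use reserved
# documentation ranges and example domains only.
OBSERVATIONS = [
    ("http://192.0.2.10/go?id=a1", "http://198.51.100.7/bank/login"),
    ("http://192.0.2.10/go?id=b2", "http://203.0.113.44/bank/login"),
    ("http://192.0.2.10/go?id=c3", "http://198.51.100.7/bank/login"),
    ("http://192.0.2.10/go?id=d4", "http://login.phish.example/bank/"),
    ("http://news.example.org/story", "https://news.example.org/story"),
    ("http://203.0.113.90/verify", "http://203.0.113.90/verify/form"),
    ("http://short.example.com/x1", "http://shop.example.com/sale"),
]


def host(url):
    """Return the lower-cased host of a URL, or '' if it has none."""
    return (urlsplit(url).hostname or "").lower()


def find_redirectors(observations, min_landings=2):
    """Map each entry host to its landing hosts when it fans out to
    at least `min_landings` distinct hosts other than itself."""
    landings = defaultdict(set)
    for entry_url, final_url in observations:
        entry, final = host(entry_url), host(final_url)
        if entry and final and entry != final:  # ignore same-host hops
            landings[entry].add(final)
    return {e: sorted(f) for e, f in landings.items() if len(f) >= min_landings}


def takedown_list(observations, min_landings=2):
    """Hosts to report: each redirector first, then the sites behind it."""
    report = []
    for entry, finals in sorted(find_redirectors(observations, min_landings).items()):
        report.append(entry)
        report.extend(f for f in finals if f not in report)
    return report


if __name__ == "__main__":
    for h in takedown_list(OBSERVATIONS):
        print(h)
```

Reporting only the landing hosts leaves the redirector free to send later victims to whichever sites remain, so the redirector host is listed first.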

Source: HardwareZone[dot]com

