Print This Post Print This Post

I've Been Lazy! (Phishing)

February 10 2009 by Teksquisite in Security |No Comments

It is time to blow the dust off this blog and get back into updating the Tekblog on a regular basis!  I must confess that I have been ultimately quite lazy since the New Year began.  The move took a huge amount of energy and I am still not completely unpacked.  The storage room has evolved into a catastrophe of endless boxes still covered with tarp…

The first security post of 2009 involves protecting your personal data and how not to become a victim of phishing.   The Canadian Marketing Association defines phishing as “a type of deception designed to steal your valuable personal data, such as credit card numbers, passwords, account data, or other information.”

It appears that ASProx botnet is squirming around a bit.  Shadowserver Foundation reported on January 29th of this year that ASProx had been phishing again at the UK Alliance and Leicester Commercial Bank.

If you do your banking online it is very important that you verify that you are using the correct website! I have a few suggestions that you can begin utilizing today:

1- Look for the GOLD lock in the lower left or right hand side of your internet browser and make sure that the web address for the bank begins with https://

2- Double-click the GOLD lock and make sure that the site security certificate matches the name that is on the address bar.  If you are not sure what you are looking for check out the TD Banknorth website at https://secure.tdbanknorth.com

The name on the address bar at TD BANKNORTH should be secure.tdbanknorth.com and it will be located right next to the GOLD lock.

3- Use the Firefox web browser and install the ShowIP add-on.  ShowIP will display the sites IP address.  If you are not  familiar with internet addressing then you can peek at this nice little article at Wikipedia.

When I arrive at the https TD Banknorth site the IP address is 12.111.190.163. This is a static IP address. I can verify the IP address by looking up secure.tdbanknorth.com in the WHOIS input box at Samspade.org. The Samspade search will return this value: secure.tdbanknorth.com = [ 12.111.190.163 ]  This is a perfect IP match and I can now safely bank online!

Network Security Journal lists 44 ways to guard against phishing attacks and states  “If you come across a phishing scam, REPORT it at once to the Anti-Phishing Working Group, the U.S. Federal Trade Commission (FTC) and the FBI through the Internet Fraud Complaint Center, both of whom work to shut down phishing sites and catch those responsible.”  Be sure that you close any compromised accounts immediately.

Until next time — safe surfing!

Final Note: Firefox 3 or later contains built-in Phishing and Malware Protection.

Tags: , , , , , , , ,

No Comments

(Required)
(Required, will not be published)

Comment moderation is enabled. Your comment may take some time to appear.

« »
Theme Tweaker by Unreal
Private

Tekblog is Digg proof thanks to caching by WP Super Cache