Newsletter - December, 2008
|
Dealing with Hoaxes and Phishing Email
If you have a PayPal or Ebay account (and even if you
don't) you will most likely receive a few phishing emails a
week. I deal with them by sending them to either
spoof@paypal.com or
spoof@ebay.com.
They make an attempt to go after these crooks and will email
you back and let you know if it is a legitimate email or a
phishing email. I have not received one yet that was
legitimate. NEVER EVER CLICK
ON A LINK IN AN EMAIL TO UPDATE ACCOUNT INFORMATION!
Go to your account from your browser and log in.
If you need to do anything, there will be a message there.
If you log in via an email link you will have given the
phishers what they want - your username and password!
 Check out the validity of any hoax at
www.snopes.com. This is a great website that is
basically an encyclopedia of urban legends and hoaxes.
It will let you know if it is real, fake or can't be
verified. It's fun just to cruise around in here and
find out how many things we thought of as true, really
aren't.
When contacted about an account needing to be "verified"
(or any other topic used by phishers), it is a sensible
precaution to contact the company from which the e-mail
apparently originates to check that the e-mail is
legitimate. Alternatively, the address that the individual
knows is the company's genuine website can be typed into the
address bar of the browser, rather than trusting any
hyperlinks in the suspected phishing message.
If in doubt about an email you receive, call the company
you received it from or call me! |
About Email Hoaxes and Phishing
 Internet hoaxes and chain letters are e-mail
messages written with one purpose; to be sent to everyone
you know. The messages they contain are usually untrue. A
few of the sympathy messages do describe a real situation
but that situation was resolved years ago so the message is
not valid and has not been valid for many years. Hoax
messages try to get you to pass them on to everyone you know
using several different methods of social engineering. Most
of the hoax messages play on your need to help other people.
Who wouldn't want to warn their friends about some terrible
virus that is destroying people's systems? Or, how could you
not want to help this poor little girl who is about to die
from cancer? It is hard to say no to these messages when you
first see them, though after a few thousand have passed
through your mail box you (hopefully) delete them without
even looking.
Chain letters are lumped in with the hoax messages because
they have the same purpose as the hoax messages but use a
slightly different method of coercing you into passing them
on to everyone you know. Chain letters, like their printed
ancestors, generally offer luck or money if you send them
on. They play on your fear of bad luck and the realization
that it is almost trivial for you to send them on. The chain
letters that deal in money play on people's greed and are
illegal no matter what they say in the letter.
In the field of computer security, phishing is the
criminally fraudulent process of attempting to acquire
sensitive information such as usernames, passwords and
credit card details by masquerading as a trustworthy entity
in an electronic communication. Communications purporting to
be from popular social web sites (Youtube, Facebook, Myspace),
auction sites (eBay), online banks (Wells Fargo, Bank of
America, Chase), online payment processors (PayPal), or IT
Administrators (Yahoo, ISPs, corporate) are commonly used to
lure the unsuspecting. Phishing is typically carried out by
e-mail or instant messaging,[1] and it often directs users
to enter details at a fake website whose URL and look and
feel are almost identical to the legitimate one. Even when
using SSL with strong cryptography for server authentication
it is practically impossible to detect that the website is
fake. Phishing is an example of social engineering
techniques used to fool users, and exploits the poor
usability of current web security technologies. Attempts to
deal with the growing number of reported phishing incidents
include legislation, user training, public awareness, and
technical security measures. |
|
|
Happy
Holidays! |
This Month's Special!
I am pleased to announce that I recently
purchased a new Search Engine Submission program that can be
used to submit your website to the following major search
engines:
MSN,
Yahoo, Accoona
Subjex, Search Site
Scrub The Web, DMOZ
Google, WhatUSeek
Entireweb, Search Who
Walhello, National Directory
Exact Seek, Surf Gopher
SearchEngine, Web Squash
Splat, Aeiwi & Info Tiger
The software I was previously using would
submit to about 100 websites, but they weren't going
directly to many of these major search engines.
I am offering a special price for Search Engine
submission of just $40.00 per website. This service is normally $80.00! if your
website hasn't been submitted over the past six months now
is the time to take advantage of this.
Don't waste hundreds of dollars
on "SEO Experts" who spam you with false claims of top
rankings and then charge a monthly fee! It just
promotes more spam by acknowledging their email!
This offer is only good for the months of
December and January so contact me soon - even if I
didn't create your website or you're not a client of mine.
Kolleen Powers
(916) 691-3085
kolleen@power-site.com |
Have a Great and Prosperous
New Year!
|
|
