Andrei's Universe

One man's journey from infinity to nothingness

Duck Season? Wabbit Season? PHISH SEASON!

About 2 years ago I fell prey to a phishing scam.

I received a link via IM from a friend. It was a web site on Geocities. Geocities is owned by Yahoo.

When I got to the GeoCities page I got the customary warning that the web page was adult-oriented and I'd have to log in to get access.

Problem was, the login screen wasn't Yahoo's. It was the phisher's. They got my username and password, promptly logged in and changed it, then proceeded to send the link from my IM to everyone on my list.

This little mess took me 5 days to clean up and required me to phone names on the corporate executives list until someone realized that their customer support was really lousy.

So, to mark nearly 2 years... I got an IM on Yahoo from a friend with a link.

Wouldn't you know, it was Geocities and a Yahoo login page. Well, an unsafe login page.

I've been through this at a very detailed level. I know what exploits phishers are using and I know how to get them shut down quickly.

The first step is recognizing them.

SonicWall has put up a really good EMAIL PHISH TEST.

10 pieces of email. Are they legitimate, or are they an attempt to get your information?

Here's the test. I got 10/10 the first time through. How well do you know your phish, from your spam, from your legitimate provider email?

I got 9/10 - I thought one legitimate was phishing, for pretty good reasons too.

Was it #5? I call shenanigans on #5.

1. If it were my account, I'd know that was or wasn't my card number.

2. Generic, form e-mails are NOT an automatic sign of a phish.

3. The test did not allow us to view source or in any other way determine the actual source of the mail or the destination of the link, so all we had to work with was the status bar and URL text...which were 100% correct.

In short, that one was rigged. I don't understand the point of including it in the test, except to somehow force almost everyone to get it wrong and prove that nobody is safe. (Except for those of us that are, because we watch this stuff like a hawk.)

I got 9 out of 10 and got all of the actual phish right :)

I got 8 out of 10--missed one phish and one legitimate. But I'm not worried about it.

For 98% of these messages, I set the email to "full headers" and forward it to the appropriate "spoof" department at the company that is being impersonated. When I receive a particularly convincing email, I warn people I know. But I never follow links through emails unless I'm expecting the email.

I have on occasion received emails reminding me to update my credit card that is about to expire or some such. If I believe it to be legitimate, I open a new browser window, log on to the site in question, and check to see if my information is really in need of an update.

I got 8/10, because I considered a couple of valid e-mails to be possible phish(es?). In this regard, this quiz is a bit biased - it would be better to err on the side of caution and consider everything a phish, wouldn't it? On the other hand, trying to determine if something is a phish from a simple e-mail isn't necessarily an indicator of safeness either. I could go to any of those sites and not care about whether they were phishing or not, but I certainly wouldn't give out any personal information to a site linked from an e-mail, no matter what... (I would call my bank or whoever instead)
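As an added example (not part of the original post, the comments, or the SonicWall test), here is a small defender-side checker that does mechanically what the commenters describe doing by eye: compare a link's visible URL with its real destination, and check where a "sign in to continue" form actually posts. The sample HTML is constructed; the example.net collector host is a placeholder, while yahoo.com and geocities.com are the sites the post names.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

class LinkAndFormCollector(HTMLParser):
    """Collect every <a href> with its visible text, and every <form action>."""
    def __init__(self):
        super().__init__()
        self.links, self.forms = [], []
        self._href, self._text = None, []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "a" and a.get("href"):
            self._href, self._text = a["href"], []
        elif tag == "form":
            self.forms.append(a.get("action") or "")

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(url):
    # Accept bare "www.example" link text as well as full URLs.
    return (urlparse(url if "://" in url else "http://" + url).hostname or "").lower()

def is_same_site(host, expected):
    return host == expected or host.endswith("." + expected)

def looks_like_url(text):
    return text.lower().startswith(("http://", "https://", "www."))

def find_mismatches(html, expected_domain):
    """Findings for a page or message that claims to belong to expected_domain."""
    p = LinkAndFormCollector()
    p.feed(html)
    findings = []
    for href, text in p.links:
        real = host_of(href)
        if looks_like_url(text) and host_of(text) != real:
            findings.append(f"link text shows {host_of(text)} but points to {real}")
        elif not is_same_site(real, expected_domain):
            findings.append(f"link leaves {expected_domain} for {real}")
    for action in p.forms:  # relative actions post back to the hosting page; judge by its host
        if action and not is_same_site(host_of(action), expected_domain):
            findings.append(f"login form posts to {host_of(action)}, not {expected_domain}")
    return findings

# Constructed sample: an off-brand "sign in to continue" page like the one in the post.
SAMPLE_PHISH = """<p>This page contains adult content. Sign in to Yahoo to continue.</p>
<a href="http://www.geocities.com/somepath/signin.html">http://login.yahoo.com/</a>
<form action="http://example.net/collect.cgi" method="post">
<input name="login"><input name="passwd" type="password"></form>"""
SAMPLE_LEGIT = """<a href="https://mail.yahoo.com/">https://mail.yahoo.com/</a>
<form action="https://login.yahoo.com/config/login" method="post"></form>"""
```

Running `find_mismatches(SAMPLE_PHISH, "yahoo.com")` reports both the link whose text and destination disagree and the form that posts somewhere other than yahoo.com, while the legitimate sample produces no findings.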
