12-18-2003, 08:48 PM
During the hectic holiday season, many shoppers rely on the convenience and speed of buying online. If you're among them, be sure to use the same level of caution on the Web that you would use at a crowded mall or gift shop. Otherwise you could be taken advantage of by malicious individuals.
Unfortunately this year, the holiday shopping season is coinciding with a rise in Internet crime. One particularly disturbing trend involves an increase in fraudulent phisher websites. In a phishing scam, a malicious attacker sets up a convincing-looking spoof of a legitimate website, then tries to trick people into revealing personal information, such as credit card numbers. There are several easy steps you can take to help protect yourself from this and other types of attack. What Can Happen—And How to Avoid It
Several types of attacks are used to steal information and other assets on the Web. The most common ones include: [ul] [li]Phishing attacks. [li]Spoofing attacks. [li]Viruses. [/li][/ul] Phishing Attacks
Phishing is the act of luring someone to a spoofed website. One common method is to send an e-mail that looks like it came from a trusted source but that contains a link to a malicious site. The malicious site is designed to look like the legitimate site in an effort to trick you into revealing personal information or downloading a virus. Spoofing Attacks
Spoofing attacks are commonly used in conjunction with phishing. The spoofed site is usually designed to look like the legitimate site, sometimes using components from the legitimate site. The best way to verify whether you are at a spoofed site is to verify the certificate. Keep in mind that there are several ways to get the address bar in a browser to display something other than the site you are on. Therefore, do not rely on the text in the address bar as an indication that you are at the site you think you are.
Always verify the security certificate issued to a site before submitting any personal information.
Before submitting any personal information, ensure that you are indeed on the website you intend to be on. In Microsoft® Internet Explorer, you can do this by checking the yellow lock icon on the status bar. This symbol signifies that the website uses encryption to help protect any sensitive personal information—credit card number, Social Security number, payment details—that you enter.
[signature]
Unfortunately this year, the holiday shopping season is coinciding with a rise in Internet crime. One particularly disturbing trend involves an increase in fraudulent phisher websites. In a phishing scam, a malicious attacker sets up a convincing-looking spoof of a legitimate website, then tries to trick people into revealing personal information, such as credit card numbers. There are several easy steps you can take to help protect yourself from this and other types of attack. What Can Happen—And How to Avoid It
Several types of attacks are used to steal information and other assets on the Web. The most common ones include: [ul] [li]Phishing attacks. [li]Spoofing attacks. [li]Viruses. [/li][/ul] Phishing Attacks
Phishing is the act of luring someone to a spoofed website. One common method is to send an e-mail that looks like it came from a trusted source but that contains a link to a malicious site. The malicious site is designed to look like the legitimate site in an effort to trick you into revealing personal information or downloading a virus. Spoofing Attacks
Spoofing attacks are commonly used in conjunction with phishing. The spoofed site is usually designed to look like the legitimate site, sometimes using components from the legitimate site. The best way to verify whether you are at a spoofed site is to verify the certificate. Keep in mind that there are several ways to get the address bar in a browser to display something other than the site you are on. Therefore, do not rely on the text in the address bar as an indication that you are at the site you think you are.
Always verify the security certificate issued to a site before submitting any personal information.
Before submitting any personal information, ensure that you are indeed on the website you intend to be on. In Microsoft® Internet Explorer, you can do this by checking the yellow lock icon on the status bar. This symbol signifies that the website uses encryption to help protect any sensitive personal information—credit card number, Social Security number, payment details—that you enter.
[signature]