‘Spoofing’, ‘Phishing’ and ‘Link Altering’ - Expensive Financial Traps
A growing rank of Internet crooks are now using new tricks called "phishing" and "spoofing" to steal your identity. Bogus e-mails that attempt to trick customers into giving out personal information are the hottest new scam on the Internet.
"Spoofing" or "phishing" frauds attempt to make internet users believe that they are receiving e-mail from a specific, trusted source, or that they are securely connected to a trusted web site, when that’s not the case at all, far from it. Spoofing is generally used as a means to convince individuals to divulge personal or financial information which enables the perpetrators to commit credit card/bank fraud or other forms of identity theft.
In "email spoofing" the header of an e-mail appears to originate from someone or somewhere other than the actual source. Spam distributors often use email spoofing in an attempt to get their recipients to open the message and possibly even respond to their solicitations.
"IP spoofing" is a technique used to gain unauthorized access to computers. In this instance the unscrupulous intruder sends a message to a computer with an IP address indicating that the message is coming from a trusted source.
"Link alteration" involves the altering of a return internet address of a web page that’s emailed to a consumer in order to redirect the recipient to a hacker's site rather than the legitimate site. This is accomplished by adding the hacker's ip address before the actual address in an e-mail which has a request going back to the original site. If an individual unsuspectingly receives a spoofed e-mail and proceeds to "click here to update" account information, for example, and is redirected to a site that looks exactly like a commercial site such as EBay or PayPal, there is a good chance that the individual will follow through in submitting personal and/or credit information. And that’s exactly what the hacker is counting on.
How to Protect Yourself
• If you need to update your information online, use the same procedure you've used before, or open a new browser window and type in the website address of the legitimate company's page.
• If a website’s address is unfamiliar, it's probably not authentic. Only use the address that you’ve used before, or better yet, start at the normal homepage.
• Most companies require you to log in to a secure site. Look for the lock at the bottom of your browser and "https" in front of the website address.
• If you encounter an unsolicited e-mail that requests, either directly or through a web site, for personal financial or identity information, such as Social Security number, passwords, or other identifiers, exercise extreme caution.
• Take note of the header address on the web site. Most legitimate sites will have a relatively short internet address that usually depicts the business name followed by ".com," or possibly ".org." Spoof sites are more likely to have an excessively long strong of characters in the header, with the legitimate business name somewhere in the string, or possibly not at all.
• If you have any doubts about an e-mail or website, contact the legitimate company directly. Make a copy of the questionable web site's URL address, send it to the legitimate business and ask if the request is authentic.
• Always report fraudulent or suspicious e-mail to your ISP.
• Lastly, if you've been victimized, you should file a complaint with the FBI's Internet Crime Complaint Center at http://www.ic3.gov.
In "email spoofing" the header of an e-mail appears to originate from someone or somewhere other than the actual source. Spam distributors often use email spoofing in an attempt to get their recipients to open the message and possibly even respond to their solicitations.
"IP spoofing" is a technique used to gain unauthorized access to computers. In this instance the unscrupulous intruder sends a message to a computer with an IP address indicating that the message is coming from a trusted source.
"Link alteration" involves the altering of a return internet address of a web page that’s emailed to a consumer in order to redirect the recipient to a hacker's site rather than the legitimate site. This is accomplished by adding the hacker's ip address before the actual address in an e-mail which has a request going back to the original site. If an individual unsuspectingly receives a spoofed e-mail and proceeds to "click here to update" account information, for example, and is redirected to a site that looks exactly like a commercial site such as EBay or PayPal, there is a good chance that the individual will follow through in submitting personal and/or credit information. And that’s exactly what the hacker is counting on.
How to Protect Yourself
• If you need to update your information online, use the same procedure you've used before, or open a new browser window and type in the website address of the legitimate company's page.
• If a website’s address is unfamiliar, it's probably not authentic. Only use the address that you’ve used before, or better yet, start at the normal homepage.
• Most companies require you to log in to a secure site. Look for the lock at the bottom of your browser and "https" in front of the website address.
• If you encounter an unsolicited e-mail that requests, either directly or through a web site, for personal financial or identity information, such as Social Security number, passwords, or other identifiers, exercise extreme caution.
• Take note of the header address on the web site. Most legitimate sites will have a relatively short internet address that usually depicts the business name followed by ".com," or possibly ".org." Spoof sites are more likely to have an excessively long strong of characters in the header, with the legitimate business name somewhere in the string, or possibly not at all.
• If you have any doubts about an e-mail or website, contact the legitimate company directly. Make a copy of the questionable web site's URL address, send it to the legitimate business and ask if the request is authentic.
• Always report fraudulent or suspicious e-mail to your ISP.
• Lastly, if you've been victimized, you should file a complaint with the FBI's Internet Crime Complaint Center at http://www.ic3.gov.
Vigilance and Security... at home and at work
Help secure your home or business with professional CCTV surveillance systems.
Help secure your home or business with professional CCTV surveillance systems.
Use the feedback form below to submit your comments.
Use the form below to email this article to your friends.
- Identity Theft: Count the ways
- Identity Theft: Phishing in Dangerous Water
- 5 Tips For Identity Theft Protection
- Phishing - How to Avoid Getting Caught
- AOL Uses Nation’s First Anti-Phishing Law to Sue Scammers
- Identify and Avoid Phishing Credit Card Scams
- The benefits of spam blockers
- Internet Scams : Sounds Phishy
- Go Phish - Protect Your Identity
- Email Scams – Ten Simple Steps To Protecting Your Online Finances
- Nigerian Email Scams: Nigerian 419 Advanced Fee Fraud
- Freebie Seeker Beware: Its All A Big Lie
- How To Prevent The New Jury Duty Scam
- The Trouble With Click Fraud?
- No To Click Frauds
- What You Must Know About Spam
- New York man admits internet scam to defraud celebrities of $80m
- FBI Alerts Public About E-Mail Scam
- Hosting Service Providers and Identity Theft
- How Identity Theft Can Affect You
- Avoiding Internet Sales Fraud
- Scams on the Internet
- Internet Business Scams
- Stimulus Package Results in Online Scams Offering Free Money