CSA Online by Andrew Moore-Crispin We all know not to open attachments in e-mails fromunknown senders (right?). We’re all aware that we need to be careful when searching the web for software to download and install (right?!). We’re all doubly cautious when we’re poking around in the darker corners of the web (right?!?). That’s the stuff we all know about. We’re prepared for it. It’s the stuff we haven’t heard about that’s the real threat, though. New things that can catch us unaware and with our collective guard down. We know that it pays to be careful online... but that’s not what we’re going to discuss here. Instead, we’ll discuss a newer approach that ne’er-do-wells are using to separate smart people from their personal data and, ultimately, their money. This threat transcends the Mac vs. PC debate. Even people who have eschewed computers in favour of a tablet aren’t immune. What is phishing? “Phishing” doesn’t rely on a victim opening an e-mail attachment or installing a piece of software. Rather, a phisher’s aim is to get you to inadvertently offer up some sensitive personal details. You can’t really call phishing a new phenomenon, though it’s certainly a problem that’s unique to the first years of this new millennium. Before we get into the newest threat, however, we need to talk about phishing in its simplest form. Phishing has become much more sophisticated in the last several years. It’s also inspired new, more-targeted techniques. Here’s an example of a basic e-mail phishing attempt. From: Recognizable Reputable Institution (Bank of America, Paypal, RBC, whatever) To: You@YourEmailAddress.com Subject: Important account access details Dear valued customer, As part of our commitment to your account security, it is our policy to ask customers to update their online access passwords regularly. This is in keeping with industry-accepted online security procedures and is done for your safety. Your current password will expire in 48h. If you do not change your password within this time, you will no longer have access to your account. Please log in and complete the password reset procedure as soon as possible or risk being locked out of your accounts. http:// RecognizableReputableInstitution.com-password-reset.com Sincerely, Recognizable Reputable Institution Security Team DON’T GET CAUGHT IN THE PHISHING NET 40 | www.snowbirds.org
RkJQdWJsaXNoZXIy MzMzNzMx