Download Fraud Eliminator to Protect Yourself from Phishing Scams

Gone Phishing Yes, that is the correct spelling for another form of computer crime.


PRWEB

Download this press release as an Adobe PDF document.

 

Don't be a victim of the latest computer crimes that can rob your bank account and steal your identity, Warns Geeks In A Flash! a Wilmington, NC based computer company.

Wilmington, NC (PRWEB) August 16, 2004 -- Although this type of computer crime has been happening for years, it appears to be picking up steam.

Recently, Citibank and US Bank's websites were "spoofed" and their domain names were "masked" to appear like the real thing. The unsuspecting victim thinks that the bank wants them to log in to their account and make some changes or updates. Unknowingly to the victim, there are cyber criminals licking their chops as the victim reveals all their private information and bam…all their financial data such as passwords, account numbers, etcetera have been stolen.

Banks are not the only institutions being targeted. Just recently, AOL, Amazon, eBay, and many other large organizations have been hit. The criminals simply want any information that leads to your money, i.e., checking accounts, user names, passwords, bank routing numbers, and even social security numbers. If it leads to money or identities, it's a potential target.

Banks and online companies are fighting back however, and very strongly. "Technology experts are working hard to combat this threat by putting in anti-theft tools for computer servers and key systems" says Manuel W. Lloyd, a technology expert that owns three technology businesses. One of his businesses focuses on helping individuals and small businesses fight such cyber crimes. "What needs to be done is quite simple, but can get costly if not done properly...” says Lloyd.”Most companies think that firewalls, spam filters, and Spyware tools will do the trick, when in fact, that's just the beginning". Lloyd continues, "Security must be indepth, not just a few buzz words that people hear and say, oh, we need that, let's get it. If individuals and companies want tighter security, discipline has to be a part of your anti-theft arsenal as well."

Lloyd suggests doing your own research. "One good place to go is a website that is dedicated to just helping to fight Phishing and other cyber crimes. The Anti-Phishing Working Group (APWG) is an industry association focused on eliminating identity theft. Their website is www.antiphishing.org". Lloyd highly recommends going directly to their "Phishing Archive" at http://www.antiphishing.org/phishing_archive.html This lists all the recent and past Phishing scams.

Mr. Lloyd does emphasize that "I do recommend getting all the tools such as a firewall, anti virus, anti spam, anti Spyware, and an anti key logger tools as a base defense, but nothing beats good old fashion street smarts". Geeks In A Flash! www.geeksinaflash.com, one of Lloyd's companies, provides all these tools free of charge in an effort to help innocent victims of these cyber crimes. They only charge a nominal fee if you need their assistance to install and configure the programs more in depth.

Another of Lloyd's companies, www.mwlconsulting.com, which carries Mr. Lloyd's name, helps organizations implement strategies to prevent their customers from becoming victims. "This company is a strategic partner to many companies, including national franchises" says Lloyd. "We work with restaurants, national pizza delivery companies, financial institutions, and pharmaceutical type organizations which all have an online presence or will have one within the next year".

Mr. Lloyd predicts that these types of crimes will only get worse as cyber criminals are harder to track, but insists that you, your company, nor the world have to be a victim. By putting the right tools, resources, and good old fashion street smarts into play, the world can win the cyber crime battle.

Terminology
Phishing - Phishing attacks use 'spoofed' e-mails and fraudulent websites designed to fool recipients into divulging personal financial data such as credit card numbers, account usernames and passwords, social security numbers, etc. By hijacking the trusted brands of well-known banks, online retailers and credit card companies, phishers are able to convince up to 5% of recipients to respond to them. - Source www.antiphishing.org

Email Spoofing - Forging an e-mail header to make it appear as if it came from somewhere or someone other than the actual source. The main protocol that is used when sending e-mail -- SMTP -- does not include a way to authenticate. There is an SMTP service extension (RFC 2554) that allows an SMTP client to negotiate a security level with a mail server. But if this precaution is not taken anyone with the know-how can connect to the server and use it to send spoofed messages by altering the header information. In some jurisdictions, e-mail spoofing anyone other than yourself is illegal. - Source www.webopedia.com

Domain masking - Simply put, masking hides the real name of a domain as to appear as something else. This is not criminal, but as with many non-crimninal things, it can be misused by those seeking to do harm to others.

Anti virus software - Software that protects your computer from getting viruses. - Source www.geeksinaflash.com

Anti spam software - Spam is "Junk email". Anti spam software tries to eliminate spam. According to some reports, spam represents 90% or better of all email. – Source www.geeksinaflash.com

Anti Spyware software - Spyware or Ad aware programs track the websites you go to and build a pattern of what you do so that certain marketers can sell their products to you using your e-mail or with annoying popup ads.

Anti key logger software - Probably the most dangerous of all "malware," key logger programs record every keystroke on your computer including instant messenger, bank passwords, e-mail--simply everything you type. There is anti key logger software that can prevent this.

Geeks In A Flash! www.geeksinaflash.com provides a free package of all these tools and only charges for installation and configuration if you need the help. If you need help installing and configuring these tools, you can reach them toll free at 888.211.1623. Otherwise, you can request the free tools by e-mailing them at e-mail protected from spam bots. They also provide free membership to those looking for ongoing support. Go to www.geeksinaflash.com and create a user profile and follow the instructions.

About Geeks In A Flash!
Geeks In A Flash! is a 24 hour computer help desk, dedicated to helping the Internet community fight malware such as virus, Spyware, popup ad, spam, key logger, and other computer crimes. Geeks In A Flash! provides free anti virus, anti Spyware, anti popup ad, anti spam, and anti key logger tools to help Internet users work without malice interruptions. Geeks In A Flash! supports home office, small office, and small to medium sized enterprises. Geeks In A Flash! provides remote assistance so that your can get your problems resolved within minutes, not hours or days. Geeks In A Flash! are fully staffed and also offer a 24 hour live help desk.


 


Download Fraud Eliminator to Protect Yourself Click Here


Netflix Fixes "Phishing" Security Threat
Christopher tipped me off to a Bugtraq Mailing list thread about a possible Netflix security problem involving "Phishing." This is the Wikipedia definition of phishing: In computing, phishing is the act of attempting to fraudulently acquire through deception sensitive personal information such as passwords and credit card details by masquerading in an official-looking email, IM, etc. as someone trustworthy with a real need for such information. It is a form of social engineering attack. Here's a link to an example of a phishing e-mail. This is an example of phishing HTML code: https://www.netflix.com/redirect.jsp?target=http://dummy.site.com/ This was just a warning and...

Loose Wire: Phishing Pushes Banking To Impose Transfer Limits
kayodeok : Loose Wire: Phishing Pushes Banking To Impose Transfer Limits - Germany's biggest retail bank, Postbank, said Monday it was imposing a euro3,000 (US$3,860) limit on online transfers in an effort to protect customers against e-mail "phishing" scams

"Extension to IODEF-Document Class for Phishing, Fraud, and Other Non-Network Layer Reports", Patrick Cain, David Jevans
2005-06-24: This document extends the INCH XML incident reporting format for reporting phishing, fraud, widespread spam, and other non-network layer attacks and incidents. The extensions are an outgrowth of the Anti-Phishing Working Group (APWG) activities in data collection and sharing. Although we use the term "phishing attack", the data format extensions are flexible enough to support information gleaned from activities throughout the entire phishing life cycle and extensible enough to be used for other types of electronic crime incidents such as fraud. The extensions support very simple reporting as well as optional fields for detailed, forensic reports and supports single phish/fraud incidents as well as consolidated reports of multiple phish incidents.

Know your Enemy: Phishing
Phishing is the practice of sending out fake emails, or spam, written to appear as if they have been sent by banks or other reputable organisations, with the intent of luring the recipient into revealing sensitive information such as usernames, passwords, account IDs, ATM PINs or credit card details. This white paper aims to provide practical information on the practice of phishing and draws on data collected by the German Honeynet Project and UK Honeynet Project. This paper focuses on real world incidents that the Honeynet Project has observed in the wild, but does not cover all possible phishing methods or techniques. Attackers are constantly innovating and advancing, and there are likely to be new phishing techniques already under development or in use today.»See More RSS Feeds

Phishing
Know Your Enemy: Phishing, a very interesting paper that analyzes some of the techniques phishers use to gather account info/passwords. Like the rise of professional spammers, they're growing in sophistication and volume. And it's likely going to get worse before it gets better. If you're at all responsible for helping people use their computers, you should make sure they know what phishing is and how to recognize it. A quick look at my inbox tells me that about ten of the 150 pieces of spam I receive a day are phishing emails.

Netcraft: 5,600 Phishing Sites Since December
miller60 writes "Netcraft has tracked and blocked 5,600 known phishing sites since the December launch of its anti-phishing toolbar, which it has now updated with a risk rating feature that warns users about new sites with phishy characteristics, based on trends observed in known phishing scams. It has also started a service that makes the full list available of phishing sites as a continuously updated feed for service providers and companies to use in mail servers and web proxies." One bad sign: the phishing attacks I see are getting (on average) more professional in their phrasing -- it used to be easy to toss out the trawlers based on their spelling alone.

Strange "Barclays" Phishing Attempt
When I get these things, I usually just delete them immediately, but this strange message from “Barclays” caught my eye and I began to play with it. At first, it just seems like an obvious phishing attempt. Dear Barclays Member, This e-mail was sent by the Barclays server to verify your e-mail address. You must complete this process by clicking on the link below and entereing in the small window your Barclays Membership number, passcode,… Direct and Related Links for 'Strange “Barclays” Phishing Attempt'

Anti-Phishing Working Group Creates Phishing Scam Database for Members (2 June 2005)
In hopes of becoming a clearinghouse for phishing data, the Anti-Phishing Working Group has created a database of phishing scams that can be used to share information with other Anti-Phishing Working Group members; there is also an XML form that can be used to submit attack data.......

Reformed UK fraud law to tackle phishing attacks
You know, I admire the idea behind laws like this, I really do. But we have to be serious here. Does anyone think that these actions will even put the smallest dent in phishing? If they want to stop it, arm victims to the teeth and then fly them over to the offender’s place business. I suspect that the message will be received quite clearly at that point!… Direct and Related Links for 'Reformed UK fraud law to tackle phishing attacks'

"Extension to IODEF-Document Class for Phishing, Fraud, and Other Non-Network Layer Reports", Patrick Cain, David Jevans
2005-07-19: This document extends the INCH XML incident reporting format for reporting phishing, fraud, widespread spam, and other non-network layer attacks and incidents. The extensions are an outgrowth of the Anti-Phishing Working Group (APWG) activities in data collection and sharing. Although we use the term "phishing attack", the data format extensions are flexible enough to support information gleaned from activities throughout the entire phishing life cycle and extensible enough to be used for other types of electronic crime incidents such as fraud. The extensions support very simple reporting as well as optional fields for detailed, forensic reports and supports single phish/fraud incidents as well as consolidated reports of multiple phish incidents.

Download Fraud Eliminator to Protect Yourself Click Here