Background Image
Table of Contents Table of Contents
Previous Page  40 / 48 Next Page
Information
Show Menu
Previous Page 40 / 48 Next Page
Page Background

CSA Online

by Andrew Moore-Crispin

We all know not to open attachments in

e-mails fromunknown senders (right?). We’re

all aware that we need to be careful when

searching the web for software to download

and install (right?!). We’re all doubly cautious

when we’re poking around in the darker cor-

ners of the web (right?!?).

That’s the stuff we all know about. We’re

prepared for it. It’s the stuff we haven’t heard

about that’s the real threat, though. New

things that can catch us unaware and with

our collective guard down.

We know that it pays to be careful online...

but that’s not what we’re going to discuss here.

Instead, we’ll discuss a newer approach that

ne’er-do-wells are using to separate smart

people from their personal data and, ultim-

ately, their money.

This threat transcends the Mac vs. PC debate.

Even people who have eschewed computers

in favour of a tablet aren’t immune.

What is phishing?

“Phishing” doesn’t rely on a victim opening an

e-mail attachment or installing a piece of software.

Rather, a phisher’s aim is to get you to inadvertently

offer up some sensitive personal details.

You can’t really call phishing a new phenomenon,

though it’s certainly a problem that’s unique to the

first years of this new millennium. Before we get

into the newest threat, however, we need to talk

about phishing in its simplest form.

Phishing has become much more sophisticated

in the last several years. It’s also inspired new,

more-targeted techniques.

Here’s an example of a basic e-mail phishing attempt.

From: Recognizable Reputable Institution (Bank of America, Paypal,

RBC, whatever)

To:

You@YourEmailAddress.com

Subject: Important account access details

Dear valued customer,

As part of our commitment to your account security, it is our policy to

ask customers to update their online access passwords regularly. This

is in keeping with industry-accepted online security procedures and

is done for your safety.

Your current password will expire in 48h. If you do not change your

password within this time, you will no longer have access to your

account. Please log in and complete the password reset procedure

as soon as possible or risk being locked out of your accounts.

http://

RecognizableReputableInstitution.com-password-reset.com

Sincerely,

Recognizable Reputable Institution Security Team

DON’T GET CAUGHT IN

THE PHISHING NET

40

|

www. snowbirds .org