Thursday, May 01, 2008

Wall Street Journal covers phishing problem today


Walter S. Mossberg has a useful column in the “Personal Journal” section of the May 1 Wall Street Journal, p D1, “How to Avoid Cons That Can Lead to Identity Theft.” The link is here.

Much of his advice is familiar. For example, banks and financial institutions never ask for information by email, so don’t click on links that purport to be from banks and ask for updates or corrections. The same goes for ISP’s (like AOL, and even some other ones have been spoofed in the past few months), who may warn visitors that their accounts have been deactivated, when they haven’t been (that’s easy to check).

Another is to be wary of unsolicited offers of spurious software, such as anti-virus software, especially when it comes from unknown companies or seems to have little explanation. This has been a problem with spam placed in comments on blogs, so offers in blog comments should be viewed with great suspicion, particularly when they bear no relation to the substance of the blog.

He mentions special viewing software such as Microsoft’s Silverlight or Adobe’s Flash. This should be downloaded only from the original vendor, not with an unrelated offer. Microsoft will ask visitors to download Silverlight to look at the Front Page replacement Expression Web.

He also says that there is no inherent reason why Apple Mac is safer than the PC Microsoft world (or anything else like Linux on a PC) other than the popularity of Microsoft as a target. Phishing scams can come on any machine, and now they sometimes show up in cell phone text messages (smishing).

No comments: