Identity Theft Expert Robert Siciliano
The Anti Phishing Working Group published a new report seeking to understand such trends by quantifying the scope of the global phishing problem, especially by examining domain name usage and phishing site uptimes. Phishing has always been attractive to criminals because it has low start-up costs and few barriers to entry. But by mid-2009, phishing was dominated by one player as never before—the ―Avalanche‖ phishing operation. This criminal entity is one of the most sophisticated and damaging on the Internet, and perfected a mass-production system for deploying phishing sites and ―crimeware – malware designed specifically to automate identity theft and facilitate unauthorized transactions from consumer bank accounts. Avalanche was responsible for two-thirds (66%) of all phishing attacks launched in the second half of 2009, and was responsible for the overall increase in phishing attacks recorded across the Internet.
There were 126,697 phishing attacks during the second half of 2009, more than double the number in the first half of the year or from July through December of 2008, the APWG report said. Avalanche, which was first identified in December of 2008, was responsible for 24 percent of phishing attacks in the first half of 2009 and for 66 percent in the second half. From July through the end of the year, Avalanche targeted the more than 40 major financial institutions, online services, and job search providers.
Adapted from APWG
1. Be suspicious of any email with urgent requests for personal financial information. Call the bank if they need anything from you.
2. Spot a Phish: Phishers typically include upsetting or exciting (but false) statements in their emails to get people to react immediately
3. They typically ask for information such as usernames, passwords, credit card numbers, social security numbers, date of birth, etc.
4. Don’t use the links in an email, instant message, or chat to get to any web page if you suspect the message might not be authentic or you don’t know the sender or user’s handle
5. Avoid filling out forms in email messages that ask for personal financial information in emails
6. Consider installing a Web browser tool bar to help protect you from known fraudulent websites. These toolbars match where you are going with lists of known phisher Web sites and will alert you.
7. The newer version of Internet Explorer version 7 and 8 includes this tool bar as does FireFox version 2
8. Regularly check your bank, credit and debit card statements to ensure that all transactions are legitimate
9. If anything is suspicious or you don’t recognize the transaction, contact your bank and all card issuers
10. Ensure that your browser is up to date and security patches applied
ROBERT SICILIANO, CEO of IDTheftSecurity.com is fiercely committed to informing, educating, and empowering Americans so they can be protected from violence and crime in the physical and virtual worlds. His "tell it like it is" style is sought after by major media outlets, executives in the C-Suite of leading corporations, meeting planners, and community leaders to get the straight talk they need to stay safe in a world in which physical and virtual crime is commonplace. Siciliano is accessible, real, professional, and ready to weigh in and comment at a moment's notice on breaking news.
- Criminal Hackers: The Soldiers of the Web Mob
Today’s criminal hackers are very different than those who hacked for fun and fame a decade ago. Every week, I see stories about more criminals in faraway lands, making millions from various scams, emptying the bank accounts of small businesses or draining the financial reserves of entire towns. High-tech crimes can be committed by lone individuals,
- Criminal Hackers Clean Out Bank Accounts Using Spear Phishing
Robert Siciliano Identity Theft Expert It wasn’t long ago that most phishing emails were from a supposed Nigerian General Matumbi Mabumboo Watumboo. And you and I were flattered that we were the chosen ones to help the general transfer 35 million out of the country, because the Nigerian government was a bunch of jerks and wouldn’t let
- Phishing Alert: 10 Tips To Protect Your Business From Attacks
It’s becoming too easy for criminals to get their hands on your banking information, due to your employees’ ignorance of phishing scams. Malware attacks have soared recently, targeting banks for the purpose of stealing online banking information. Over 200,000 new infections occurred between July and September 2013—the highest jump in the past 11 years, according to
- How to Prevent Phishing Scams
Robert Siciliano Identity Theft Expert Recent reports abound of consumers email account being phished and American and Egyptian authorities arresting dozens of people in an online fraud crackdown for phishing scams. Its time to revisit the fundamentals of how to prevent phishing. Nobody can do this better than the Anti Phishing Work Group Phishing Defined Phishing is a
- Criminals Prefer Pheasting on Phish Over Spam
Most of us are aware of spam, and while we may think it’s just an annoyance, what’s really dangerous about it is the fact that most spam are phishing attempts. Phishing is when cybercriminals attempt to fraudulently acquire your personal information, such as passwords and credit card details, by masquerading as a trustworthy person or
3 Responses to “10 Ways To Prevent Phishing”
Good recap list.
Thanks for the offline advice about “employers” phising for SSNs…
why intelius and not lifelock?
they sponsor you?
Leave a Comment
You must be logged in to post a comment.