There’s no doubt about it: I detest emailed trojans, viruses and phishing. There’s the one from Facebook asking you to log on to set your security preferences, or the similar message from PayPal. Then there’s the DHL message, “We couldn’t deliver your package.” And don’t forget the person in UK that has to send $1.7 million to her grandmother in your homeland. Remember, before clicking on any link, hover your mouse over the link to see the *real* domain. If it purports to be from your homeland’s government (for example, from the IRS), but the real domain (visible when hovering on the link) is from a domain nerrassst.eu, then you know you have a ‘Phisherman’. Please, for the benefit of all internet users everywhere, please don’t click on that link.
And now it gets worse. Take a look at this link, sent to me by our own organization’s I.T. guy, Greg:
http://blogs.usatoday.com/technologylive/2009/10/new-twist-on-scareware-locks-up-your-pc.html
(This link will ‘wrap.’ If you have trouble reassembling it, just go to Brigada’s online webpage and click on the ‘live’ link there.
With the web being the scary place it is now… have URL threats themselves now made sites like tinyurl.com obsolete? Why would I ever click on another tinyurl.com link, since I have no clue where it’s really taking me? Any spammer could set up a ‘masked’ address by cloaking it with a tinyurl ‘cover-up.’ Sad. But that’s the way thieves, vandals and terrorists operate: They chip away at our freedoms by attacking the easiest conveniences. Thus we have to fight those stiff plastic packages to free up the little memory card we were buying. Or, we have to put our liquids in 3-ounce bottles, then squeeze them into just one quart-sized zip-lock bag when traveling. Sad indeed.
To add along to that, why would anyone surf the net without virus protection?
There are plenty of cheap and, in some cases, free virus, malware, and email protection programs available.
Google mail even flags emails from banks as authentic or not.
http://www.antiphishing.org/
http://ow.ly/Adyw shows how dangerous the net has become.
Why click the shortened URL? When I shorten a URL, I place both in the email. That saves the reader time, should the long URL not work for him.
http://en.wikipedia.org/wiki/Anti-phishing_software
http://ow.ly/AdBD is a listing of anti-phishing software. Three of the web browsers I use are listed there.
http://en.wikipedia.org/wiki/Phishtank
http://ow.ly/AdE3 is a service that receives your phishing emails and catalogs them so others can benefit.
Interesting article! Too bad we could not have this last month. After all, it was CyberSecurity Awareness Month in the USA. :)
Be Blessed.
Doug, I was a bit startled by the idea that some of those shortened urls that come my way might be malicious… and am wondering if you’ve learned anything more on this topic. Are some of the shortening systems “safer” than others? Almost all urls that pop up in twitter have been shortened one way or another.
It would be easy to set up a phishing situation where you were forwarded to a domain that you didn’t anticipate — whether that domain be a porn site, or a site that *resembles* the one you were expecting, but really isn’t. Better to enter the long site in another way — or use a forwarding link you know… like Brigada.