Back to Main Index
 
Phishing is now an established part of computer life.  Almost everyone gets messages that seem to come from banks and other companies – the idea is to trick you into going to a web site, that looks like the real one, and entering your account details and password.  Once the bad guys have that info all sorts of trouble can ensue.

But who is to blame for these messages?

From readers email it seems some people don’t understand the phishing messages are NOT real and don’t come from the company they pretend to.  That especially applies when the messages appear to come from a company you’ve never dealt with.

“ Why does Citibank keep writing to me – I’ve never used them”

 “ Paypal is a nuisance – they keep sending me emails about an account that doesn’t exist.”

 “How and why does my bank send messages to me at a different address from the one I’ve given them?”.

Phishing is done by criminals and has nothing to do with the targeted company.  The email addresses are ‘farmed’ in various ways in the same way that spammers do.

You should treat phishing messages in the same way as you do any other unsolicited messages – delete them.

The targeted companies, after a slow start, now try to warn customers about fake messages.  Aside from that there’s not a lot they can do to stop the flow of messages.   Some action can be taken against individual scams but even that’s hard with the origin and hosting of the scams is spread across many countries.

Citibank in the US does have a small move to identify their real messages – they include the last few digits of your account number near the top of genuine messages from  them.  As long as you know what those digits are you can tell if the message is real.

You’d think that options like digitally signed messages would be an obvious choice for financial institutions but the support for signed messages in email clients is poor. 

Most spam filters also try to detect phishing messages but it’s hard for software to tell the difference between fake messages and real ones.   If you’re looking for an email from a bank or Paypal have a look in your Junk Mail folder, it might have been put there by accident.
 

by Email Essentials

Editor-in-Chief: Peter Deegan

Copyright (c) 2006 Peter Deegan. All rights reserved. ISSN 1448-8655
 
Top 1
Vale
Disclaimer: While the advice and information in this web page is believed to be true and accurate, neither the ICUFR Officers, authors or committee members can accept any legal responsibility for any errors or omissions that may have been made. ICUFR makes no warranty, expressed or implied with respect to the material contained herein.
The Rotary name and logo are the exclusive property of Rotary International and are used here under Rotary International Internet Policy Guidelines
The International Computer Users Fellowship of Rotarians is a group of Rotarians dedicated to promoting Computers as an opportunity for fellowship and service. This fellowship operates in accordance with Rotary International policy, but is not an agency of, or controlled by, Rotary International.
Copyright: Rotary International and ICUFR, 1999-2006 All Rights Reserved
Best viewed in 1024 x 768 / 16 bpp (64000 colours) or more
Optimised for Microsoft Explorer 4.0 or higher..
Last Updated: Saturday 4-mar-06 6:41