
Avoid Phishing on Hotmail

Updated on November 13, 2009

Phisherman? What is a "phisherman"? A phisherman is a person who goes phishing! And phishing is all about someone (either an individual or a group of people) creating fake websites that look like the real thing. The idea of phishing is to trick people into giving up their personal login or financial data. To do this, a phisherman tries to lure an individual into thinking that they just received a message from a legitimate website. The phisherman then tries to get that person to enter their financial or login data by asking them to complete a form, re-enter their login ID and password, and more.


If the phisherman succeeds in acquiring that person's financial information, the phisherman can then impersonate that person (financially speaking) to obtain goods and services in that person's name. The individual who has been tricked into giving out their financial data will become responsible for any and all purchases that the phisherman makes.

Unfortunately, phishing is something that is very common on the Internet. But it is also very easy to detect and avoid. You just have to know what to look for. Here is an example of phishing that I received via my Hotmail account.


WARNING!!!
PHISHING EMAILS MAY CONTAIN VIRUSES, TROJAN HORSES AND OTHER DESTRUCTIVE COMPONENTS. DO NOT OPEN ANY EMAIL YOU SUSPECT OF BEING SOME TYPE OF PHISHING! TO ENSURE MY COMPUTER'S SAFETY, I MADE SURE THAT MY FIREWALL, ANTI-SPAM, ANTI-VIRUS AND ANTI-SPYWARE WERE ALL UP TO DATE WITH THE LATEST VERSION OF SOFTWARE AND THE LATEST SIGNATURE FILES. FOR THIS TEST, MY PROTECTION SOFTWARE CAPTURED A KEYLOGGER, AND AN INTERNET TRACKER SPYWARE, ALONG WITH SOME ITEMS MY ANTI-SPAM FILTERS BLOCKED.

I use Hotmail.com for communications I do on the Internet.  One day, I received this email titled, "Lockout Your Email".


When I first saw this message, I was wondering what Hotmail.com was up to!  I have not done anything that would warrant Hotmail.com locking my account, so I was curious to find out why Hotmail was going to lock my account.  Here is the body of the actual message I received ...

This email wants me to confirm that I am the correct owner of this email address.  To prove it, the email asks me to click on the link provided within this email, and login to my Hotmail account.  This is to prove that I am the correct owner.


But the first thing I notice about this email message (besides some misspelled words) is that it has a link in it pointing to the domain of live.com!  Live.com does resolve to my Hotmail.com account, but since I am already logged into my Hotmail account, I should not have to log into it again to correct an ownership problem.  After all, I am already logged into my Hotmail.com account, which is the proof the email message wanted from me.


To show you that this is a phishing email, please note the following things that I will point out:
  1. I move the cursor over the link and RIGHT MOUSE click it.
  2. I select the menu option: Copy Link Location
  3. I open up a new text file.
  4. I paste the copy link location into the new document.

Let me show you the actual link that the browser would have gone to if I had clicked the link.

Here, ... I'll copy and paste the link into this article. Looking at the text in the link, we both see something familiar and something unknown.


http://login.live.hotmail.msn.livesecurity.microsoft.strate-g-tick.net/default.aspx


Notice how the link does NOT look like the link that is displayed in the article. The link in the article shows: http://login.live.com/login.srf as the place you will go to login for hotmail.

http://login.live.hotmail.msn.livesecurity.microsoft.strate-g-tick.net/default.aspx

The actual link points to something altogether different, even though it has the words hotmail and msn and microsoft in it.  That is what the phisherman hopes you will see.  But what about the rest of the link?  Let's look a little bit closer.


It is the rest of this link that is very important.

http://login.live.hotmail.msn.livesecurity.microsoft.strate-g-tick.net/default.aspx

The portion of the URL "strate-g-tick.net" is the part that will take you to the phisherman's fake website.  Why!?  The domain name of this URL is "strate-g-tick.net", not "hotmail.com". When you look at the URL, the part that tells you the domain you are working with is the last two words that are followed by the "/" symbol.  In the case of Hotmail, it should end with "hotmail.com"!


To understand this better, you need to understand the difference between a domain name, and a subdomain name.  Take a quick look at the URL in the address link of this browser. You should see the link you are currently using to access this article.  The domain this article is loaded from is "hubpages.com".  Anything in front of "hubpages.com" but after the symbols "//" is referred to as a subdomain.

The subdomain is a subset of the real domain.  For example, in the URL: http://www.example.com; the domain name is example.com, and the subdomain is the "www" part.


One thing that you and I can do to prevent ourselves from falling into a phisherman's net is to be able to identify the domain that you want to access.


Some domains end with the following types:

  • .com
  • .org
  • .net
  • .gov
  • .edu
  • .name
  • .tv
  • .info
  • .co.uk


For example


Here is a list of domain names.

  • hotmail.com
  • hubpages.com
  • google.com
  • xprize.org

Now, here is a list of domain names with subdomains.

  • www.hotmail.com
  • inbox.hotmail.com
  • www.google.com
  • business.google.com
  • visiting.my.friends.mypartnersandme.net
  • correct.data.at.hotmail.com.protectinfo.net
  • update.data.now.hotmail.com.protectinfo.co.uk

Some phishermen try to confuse the issue by including the full domain name as a subdomain within the phisherman's domain name. Do not be tricked by this. If you are accessing hotmail.com, then the text "hotmail.com" should be the last part of the domain name.


In the above example "correct.data.at.hotmail.com.protectinfo.net", although hotmail.com is shown in the URL, it is not the real hotmail.com website. It is just a subdomain created inside of the domain name of protectinfo.net, that could be made to look just like hotmail.com in every way. To the "un-instructed in the ways of a phisherman" they could easily believe that they are logging into the real hotmail.com. But in reality, they are giving an identity thief their login name and password to their real hotmail.com account, and any other information that the identity thief may request.
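The check described above, written out as an added example (it is not part of the original article): it compares the address a link displays with the address it really points to, and pulls out the domain name using only the endings listed in this article. The function names, the sample HTML and the choice of hotmail.com and live.com as the expected domains are assumptions made for illustration; a real tool would use the full Public Suffix List.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Endings listed in the article; a real tool would use the full Public Suffix List.
SUFFIXES = {"com", "org", "net", "gov", "edu", "name", "tv", "info", "co.uk"}

def registered_domain(url):
    """Return the domain name proper: one label plus the longest known ending."""
    host = (urlsplit(url).hostname or "").rstrip(".")
    labels = host.split(".")
    for n in (2, 1):  # longest ending first, so "co.uk" is tried before "uk"
        if len(labels) > n and ".".join(labels[-n:]) in SUFFIXES:
            return ".".join(labels[-(n + 1):])
    return host  # unknown ending: fall back to the whole host name

class LinkAuditor(HTMLParser):
    """Collect (displayed text, real target) for every <a href> in a message."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def suspicious_links(html, expected=("hotmail.com", "live.com")):
    """Return (shown text, real link, real domain) for links outside `expected`."""
    auditor = LinkAuditor()
    auditor.feed(html)
    return [(text, href, registered_domain(href))
            for text, href in auditor.links
            if registered_domain(href) not in expected]

# Constructed sample built from the two URLs quoted in the article.
SAMPLE = ('<p>Confirm ownership: <a href="http://login.live.hotmail.msn.'
          'livesecurity.microsoft.strate-g-tick.net/default.aspx">'
          'http://login.live.com/login.srf</a></p>')

if __name__ == "__main__":
    print(suspicious_links(SAMPLE))
```
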


Oh! One last thing. If you see an email message like this in your inbox, it is best not to click on it. The email may also contain a virus. And a computer virus is one headache no one needs.


When it comes to phishing, here are some best practices you should follow:

  1. Do NOT open the email. Just delete the email message and be done with it.
  2. If your email program marks the message as junk, then it probably is Junk!
  3. If you do open the email, remember to run your virus scanner (on your whole system) when you are done.
  4. Red Flags to watch for:
    • The email asks you to either update or verify your login data.
    • You are asked to click a URL link contained within the email message. Verify that the link is going where you expect it to go. Use the above procedure to determine what the URL Location is by copying the URL Location into a blank document for further analysis.
    • The email comes from a source that you do not recognize.
  5. Just delete the email! I put this here again to make sure you did not miss this important point.

By knowing what to look for and applying the steps listed above, you and I can spot a phisherman at a glance. And, by identifying the net that a phisherman uses, you and I can avoid being caught on the hook of a phisherman's net.


NOTE *** Do NOT visit the website of a phisherman. It will look just like the actual website that they are impersonating, so any data you enter (like a user name and password) will be captured and stored for the phisherman's later use. In other words, you will have given your login identity to an identity thief!

If you are creating a computer security policy, you could include this as either a policy or instructional procedure point.

Comments


    • floating mind (AUTHOR)

      8 years ago from Chicago, Illinois

      Thanks Lady_E. And yes, I did see my medal.

      Take care though, because phishing can happen with any email.

    • Lady_E (Elena)

      8 years ago from London, UK

      Never heard of Phishing, but maybe that's cos I don't use Hotmail. I'm glad I read the Hub though, it's always nice to be knowledgeable about these things. Thanks

      PS. Congrats on your 10th Hub. Hope you saw your medal. :)
