Avoid Phishing on Hotmail
Phisherman? What is a "phisherman"? A phisherman is a person who goes phishing! And phishing is all about someone (either an individual or a group of people) creating fake websites that look like the real thing. The idea of phishing is to trick people into giving up their personal login or financial data. To do this, a phisherman tries to lure an individual into thinking that they just received a message from a legitimate website. The phisherman then tries to get that person to enter their financial or login data by requesting them to complete a form, or re-enter their login ID and password, and more.
If the phisherman succeeds in acquiring that person's financial information, the phisherman can then impersonate that person (financially speaking) to obtain goods and services in that person's name. The individual that has been tricked into giving out their financial data will become responsible for any and all purchases that the phisherman makes.
Unfortunately, phishing is something that is very common on the Internet. But it is also very easy to detect and avoid. You just have to know what to look for. Here is an example of phishing that I received via my Hotmail account.
PHISHING EMAILS MAY CONTAIN VIRUSES, TROJAN HORSES AND OTHER DESTRUCTIVE COMPONENTS. DO NOT OPEN ANY EMAIL YOU SUSPECT OF BEING SOME TYPE OF PHISHING! TO ENSURE MY COMPUTER'S SAFETY, I MADE SURE THAT MY FIREWALL, ANTI-SPAM, ANTI-VIRUS AND ANTI-SPYWARE WERE ALL UP TO DATE WITH THE LATEST VERSION OF SOFTWARE AND THE LATEST SIGNATURE FILES. FOR THIS TEST, MY PROTECTION SOFTWARE CAPTURED A KEYLOGGER, AND AN INTERNET TRACKER SPYWARE, ALONG WITH SOME ITEMS MY ANTI-SPAM FILTERS BLOCKED.
When I first saw this message, I was wondering what Hotmail.com was up to! I have not done anything that would warrant Hotmail.com to lock my account, so I was curious to find out why Hotmail was going to lock my account. Here is the body of the actual message I received ...
To show you that this is a phishing email, please note the following things that I will point out:
- I move the cursor over the link and RIGHT MOUSE click it.
- I select the menu option: Copy Link Location
- I open up a new text file.
- I paste the copy link location into the new document.
Let me show you the actual link that the browser would go to if I had clicked the link.
Here, ... I'll copy and paste the link into this article. Looking at the text in the link, we both see something familiar and something unknown.
Notice how the link does NOT look like the link that is displayed in the article. The link in the article shows: http://login.live.com/login.srf as the place you will go to log in to Hotmail.
It is the rest of this link that is very important.
To understand this better, you need to understand the difference between a domain name, and a subdomain name. Take a quick look at the URL in the address link of this browser. You should see the link you are currently using to access this article. The domain this article is loaded from is "hubpages.com". Anything in front of "hubpages.com" but after the symbols "//" is referred to as a
The subdomain is a subset of the real domain. For example, in the URL: http://www.example.com; the domain name is example.com, and the subdomain is the "www" part.
One thing that you and I can do to prevent ourselves from falling into a phisherman's net is to be able to identify the domain that you want to access.
Some domains end with the following types:
Here is a list of domain names.
Now, here is a list of domain names with subdomains.
Some phishermen try to confuse the issue by including the full domain name as a subdomain within the phisherman's domain name. Do not be tricked by this. If you are accessing hotmail.com, then the text "hotmail.com" should be the last part of the domain name.
In the above example "correct.data.at.hotmail.com.protectinfo.net", although hotmail.com is shown in the URL, it is not the real hotmail.com website. It is just a subdomain created inside of the domain name of protectinfo.net, that could be made to look just like hotmail.com in every way. To the "un-instructed in the ways of a phisherman" they could easily believe that they are logging into the real hotmail.com. But in reality, they are giving an identity thief their login name and password to their real hotmail.com account, and any other information that the identity thief may request.
Oh! One last thing. If you see an email message like this in your inbox, it is best not to click on it. The email may also contain a virus. And a computer virus is one headache no one needs.
When it comes to phishing, here are some best practices you should follow:
- Do NOT open the email. Just delete the email message and be done with it.
- If your email program marks the message as junk, then it probably is Junk!
- If you do open the email, remember to run your virus scanner (on your whole system) when you are done.
- Red Flags to watch for:
  - The email asks you to either update or verify your login data.
  - You are asked to click a URL link contained within the email message. Verify the link is going where you expect it to go. Use the above procedure to determine what the URL Location is by copying the URL Location into a blank document for further analysis.
  - The email comes from a source that you do not recognize.
- Just delete the email! I put this here again to make sure you did not miss this important point.
By knowing what to look for and applying the steps listed above, you and I can spot a phisherman at a glance. And, by identifying the net that a phisherman uses, you and I can avoid being caught on the hook of a phisherman's net.
NOTE *** Do NOT visit the website of a phisherman. It will look just like the actual website that they are impersonating. So, any data you enter (like a user name and password) will be captured and stored for the phisherman's later use. In other words, you will have given your login identity to an identity thief!
If you are creating a computer security policy, you could include this as either a policy or instructional procedure point.