by Edward Raymond

Created on: January 20, 2007   Last Updated: April 19, 2007

They are out there and they do want to become you; at least, temporarily. There are several methods used by online fraudsters (for lack of a better collective term). These methods are termed; phishing, pharming, and down-n-dirty espionage. Phishing is an e-mail fraud method in which the perpetrator sends out legitimate-looking email in an attempt to gather personal and financial information from recipients. Pharming is a scamming practice in which malicious code is installed on a personal computer or server, misdirecting users to fraudulent Web sites without their knowledge or consent.

Espionage has several old hang ins from the spy days with updated tactics to take advantage of shifts in technology.

Let's look a little closer at Phishing. The latest e-mail you just received about your amazon account being out of date and needing to be updated should do. First, Phishing has evolved well beyond the limits of traditional spam. You should notice that the writing is polished. (Yep, they finally mastered that tricky spelling and grammar checking doodad in their mail program.) They even pay attention to the little details such as pointing you to their customer service page and including common mailer images as well as the company logo. The clincher is the web address that is included. Click on the link and look at the web page it loads. (Don't fill in ANY personal data.) By looking at the anatomy of this carefully constructed page, you should be able to discern a legitimate login page from an impostor. Notice the address bar. A login page will point to a secure (https://) area of their domain (www.onlinecompany.com) while an impostor could use a secure or unsecure (http://) port and will likely point to (www.someWEBhost.com/www.legitimatevendor.com). The area before the slash (/) is your tip-off. As a rule, always go to the vendor from their own main page by typing the URL (web address) in by hand. You can then use the login link to access your account.

Pharming has also been termed 'phishing without a lure'. This is because some nefarious programmer has gone to the ultimate low and bundled extra code into that free utility, game, or other cool application that is now a free download. Such code can lead to popup windows claiming that your identity has been stolen and to click the link to fill out a form in order to report the incident. These forms then collect your data. The most common occurrence of such software; however, is to redirect requested addresses of well

• 1
• 2
• Next Page >>