I teach sessions on PC safety, and personal safety online.
Let me tell you a secret....
I have made, as a sample for the learners, a bogus email, and a bogus website for a bank. Purposely it doesn't look real, nor even atempt to be, but I can easily make it so. Anyway, i send the learners an email, and tell them to treat it as if it were from their bank, and it warns the will have their account closed if they don't click this link, and log in. So they do, and enter any old name, and a message as a password. all looks nice.
Then I go away for two minutes, and then return and tell them the name they used, and the secret message they typed.
Do you think it scared them? You bet it did....
And they always, ALWAYS, take on board what I tell them from then about security, and they cannot beleive afterwards how silly they feel, because they actually see how easy it is to be safe online.
Moral? use common sense, don't download from dodgy sites. Don't click any old link just because it says so. Always use up to date antivirus and firewalls.
make sure you take time out to make your PC safe, and be safe online!
If anyone would like to see this activity, and see how easily I can get information from you (and hundreds fall for it every day) let me know, and I'll send you that 'dodgy' email, and instructions, for before, and how to spot it afterwards. Its a pleasure.
send me email via PM and I'll send a 'dodgy' email to you. Don't worry,its 100% safe.
1 - don't use real passwords etc with this 2 - remember what you do enter. use a name and a message as a password.
Afterwards I'll return your results by email, and pass on a few tips and tricks to help you spot real phishing emails. Thats the name given to these tyoes of con tricks. You'd be surprised how easy it is to spot them a mile away.....
Which is the best antivirus program in your opinion, Corky? I had Kaspersky before this accident. I thought, it worked properly (at least, we both deleted Troyan successfuly. BTW, got it during watching OMD reunion 2005 on the unknown site. Moral- use Neil's site only, when you want to watch/listen to OMD goods.) Now i have NOD32. Maybe, there's something better?
How many times have feelings vanished in your head? How many times must they be lost before they're said?
Amber no AV is 100% accurate, but also if you don't update it regularly its almost as good as having no Antivirus at all. Viewing from a website is reasonably safe, especially if its a fairly anonymous website such s one you would view OMD videos.
The problem arises mostly on Chinese/russian/east european websites, mainly because of the large criminal element based in these areas, and the availability of skills to carry them out. They are often hosted as sites you can download MP3s and 'cracked' files to play full games. Not only are the files you get usually crap, but they (and in many cases the websites themselves are trojans to install viruses as you load them before you even realise) are just carriers of truly infected garbage.
I can recommend AVG, one because its free, and two because it updates daily. On the downside it can slow down the startup process on the PC so it does have a trade-off here.
NOD32 is by all accounts one of the better AV around (but make sure you allow it to update!!)
One thing it doesn't do is stop spyware. I would recommend you get one of these too. Maybe spybot (one of the best, and again freeware) or Adaware, again free.
"Cos Thats The Way The Mop Flops" Administrator Keeping everyone happy
Posts Per Day: 3.06
Time Online: 153 days 11 hours 48 minutes
Location: Manchester (UK)
Phishing as its know, does get people that are non web savy. I had a call from a good friend just a couple of weeks back his step daughter had fallen for a fake e-mail and got her PayPal account cleared out.
Also Maxine here, was concerned that "Ebay" had been intouch with here about fraud.. she does not have a e-bay account and it did take a while to convince here that it was phishing.
The regular ones doing the rounds are PayPal, Banks.. and in the last few weeks I am getting plnetnty from Google asking for me to confirm my details...
If you have the latest version of MSIE (NOT BETA) it does have anti phishing built in, and you do get a warning if you are about to enter a dodgy site.
Virus/Spyware and Malware are not to do with phishing...
Thats true neil, I just teach the whole spectrum. We use IE7 at work, and while the antiphishing is good, it doesn't catch them all, especially in emails.
Google is a new one, yes I heard that too. Especially now they are getting involved in the social site scene. Hence Facebook have suspended there activity with them. Its also very prevalent in Facebook and Myspace.....
Its always a formula, and when you know the signs its so easy to spot them anyway. As youpoint out, usually intelligent people can fall for them too, they can be so convincing.
If you get dodgy ones from ebay, you can forward the email to them at email@example.com and they will email you back within an hour to confirm it, if anyone needs convincing....
with email, you are usually on your own. a few tips are...
Never click on a link from an email. full stop. Always go the the website in question via your browser typing the website address in yourself.
If logging into Ebay, Paypal, Bank or other onine service, they will usually be secure. Look for the pacdlock icon, either in the address bar of your browser (in IE7 the address bar should also turn green( or in the grey area at the bottom of your browser.
If its too good to be true. Quite simply, it is.
If its from ebay, Paypal or online service THEY WILL KNOW YOUR NAME! dear valued customer is not a genuine email!
Before you check if you won that lottery, think.
How do they know you? Why don't they know your name? Are they really so kind that they paid so many entries for for, and so trusting that they want to pay all the winnings to you?
Don't replay to ANY EMAIL FROM NIGERIA!. full stop. Unless its a relative you know and they don't want you to launder money for them
Use common sense!! think first. NEVER reply to any email you suspect, no matter how much you want to slate the toerag who sent it. All you will do is confirm your email is used, and it will then become marketable. Watch the spam flood in....
and if you want proof abou t those bank or ebay/paypal email, just hover the mouse over the link (but dont click). You will either see a pop up showing the REAL link (which will sound VERY dubious) or it will show it in the grey area at the bottom of your browser. Still need convincing?