What Phishing Looks Like and IE7 Phishing Reporting
I’ve read up on phishing, had friends caught by phishing scams, and have warned our watchers about phishing and other security threats in our Introduction to Computers and Internet Vol 1. However, I haven’t been directly sent a phishing attempt until just recently. Here’s the story and some pictures to help you identify phishing attempts and be safer on the internet.
My phishing attempt story starts with the following email. This was sent to my work email account- not my email address associated with my amazon login. So my spider-sense was tingling.
My other thought was “Why would Amazon want to terminate a customer account?” That just doesn’t make good business sense. I also assumed they would have a policy against sending such emails, so I went to their site to check it out. Obviously I’m not the only one getting such emails as they have a page helping people identify phishing threats.
The big thing to note here is that Amazon will never ask you personal information or request to verify or confirm your account information. So I knew my email was a phishing attempt trying to get my credit card.
At this point, you should just delete such an email and forget about it. (I went forward, so I can help you with this story, but even clicking unfamiliar links in emails such as this can pose threats to the unprotected computer, so don’t do it.)
Knowing this was trouble, I clicked the link in the email and this is what I saw.
Looks a lot like Amazon doesn’t it? Thieves do a good job in building these phishing websites, so it’s almost impossible to tell from just the page alone. One thing that was strange was the URL. It didn’t have amazon.com at the root of the URL only an IP address. But if you’re not looking at the URL, you could easily fooled. (And even my tech savvy friends have fell victim to these scams).
Is there help out there? Yes, thankfully. The first line of defense is still you, but some anti-phishing tools are also coming out to help. In this case, I was using the beta version of Internet Explorer 7 (so I can tell you guys about it). But in this instance, I wasn’t even thinking about what browser I was using. After being on this page, Internet Explorer 7 gave me the following warning.
Pretty cool huh? I was happy to see this warning and a bit relieved to finally have somone looking out for me on the web. So am I a convert to anti-phishing tools? At this point yes. I know the are not foolproof, but they sure can help. Anti-phishing tools are available in Intenet Explorer 7 which will be released soon. It also appears that firefox 2 will have anti-phishing tools as well. If you don’t want to wait there is an add in to the current release of firefox from Google that provides phishing protection help.
It’s a fact, phishing is out there - but with a bit of knowledge, and some help with anti-phishing tools, we’ll all be browsing safer.
Best wishes and happy browsing,
Brett
