Beware 'Spear Phishing' Scams

Identity Theft - Phishing : Beware 'Spear Phishing' Scams

Posted by Max on 2006/10/11 3:20:00 (1415 reads)

Online social networking sites are skyrocketing in popularity, but now experts say those sites have become a major target for so-called "phishers," who are using these sites to lure users into their scams.

Seventeen-year-old Dan Leveille uses myspace.com not only to connect with friends, but to promote his photography and web-design business.

Dan Leveille, Myspace.com User: "I'm on there pretty much every day; I can spend like hours on there."

So when a music group contacted him, Dan clicked on the profile but got a login pop-up instead.

Dan Leveille, Myspace.com User: "I thought it was myspace, it looked exactly like it, but on the address bar, it didn't say myspace.com."

Ron Teixeira with the National Cyber Security Alliance says Dan was almost hooked by a spear phishing scam -- the newest type of scam targeting social networking sites.

Ron Teixeira, National Cyber Security Alliance: "Spear phishing is when they hone their tactics and they use personal information that you have posted on these social networking sites to try to steal different financial information from users."

For example, say your profile states that you like a certain band. Spear phishers will send you an instant message or bulletin that looks like it's from that band.

But when you click it...

Ron Teixeira, National Cyber Security Alliance: "It will load malicious code onto your program and use vulnerabilities that exist on your computer to again install these different programs that collect all your financial information."

Other links may lead to fake login pages used to collect usernames and passwords so scammers can use your profile and attack your friends. So beware of messages asking for personal information.

Ron Teixeira, National Cyber Security Alliance: "Legitimate companies do not ask for personal information via email."

Also, never email any account information. If you're asked to login a second time, make sure the URL is correct, and know who you're dealing with.

Ron Teixeira, National Cyber Security Alliance: "We always suggest that you never download an attachment or click on a link from someone you don't know."

Dan says since his close encounter, he's more careful about what's on his profile.

Dan Leveille, Myspace.com User: "I don't put my first or last name and I don't even give it to people I know because they could not be who I think they are."

Michael says says another important way to protect yourself is to make sure your browser, operating system, anti-virus, spyware, and firewall programs are all up to date.

Previous article - Next article

Other articles
2009/11/3 14:55:39 - BitDefender Top Ten Malware Threats for October 09
2009/11/3 14:29:38 - Nov. 09 Microsoft Security Intelligence Report
2009/10/7 15:19:17 - StopSign AntiVirus and Anti-Malware is Windows 7 Compatible
2009/10/7 15:11:26 - New Outlook Backup and Migration Software By Disk Doctors
2009/9/30 4:20:57 - Microsoft Security Essentials, FREE Security Tool Just Released
2009/9/28 14:31:52 - New Rogue Antispyware Cloaked To Infects Computers
2009/9/9 4:31:49 - Trend Micro Proves Leadership in URL Filtering and Web Security
2009/9/9 4:16:20 - New Free Tool to Clean Conficker Once and For All
2009/9/1 8:37:11 - Kaspersky Internet Security 2010 and Kaspersky Anti-Virus 2010 Out Now
2009/9/1 7:54:50 - NEW P2P Advertising Network Protects Users Against Lawsuits And Identity Theft

The comments are owned by the poster. We aren't responsible for their content.