Beware 'Spear Phishing' Scams

Identity Theft - Phishing : Beware 'Spear Phishing' Scams

Posted by Max on 2006/10/11 3:20:00 (1514 reads)

Online social networking sites are skyrocketing in popularity, but now experts say those sites have become a major target for so-called "phishers," who are using these sites to lure users into their scams.

Seventeen-year-old Dan Leveille uses myspace.com not only to connect with friends, but to promote his photography and web-design business.

Dan Leveille, Myspace.com User: "I'm on there pretty much every day; I can spend like hours on there."

So when a music group contacted him, Dan clicked on the profile but got a login pop-up instead.

Dan Leveille, Myspace.com User: "I thought it was myspace, it looked exactly like it, but on the address bar, it didn't say myspace.com."

Ron Teixeira with the National Cyber Security Alliance says Dan was almost hooked by a spear phishing scam -- the newest type of scam targeting social networking sites.

Ron Teixeira, National Cyber Security Alliance: "Spear phishing is when they hone their tactics and they use personal information that you have posted on these social networking sites to try to steal different financial information from users."

For example, say your profile states that you like a certain band. Spear phishers will send you an instant message or bulletin that looks like it's from that band.

But when you click it...

Ron Teixeira, National Cyber Security Alliance: "It will load malicious code onto your program and use vulnerabilities that exist on your computer to again install these different programs that collect all your financial information."

Other links may lead to fake login pages used to collect usernames and passwords so scammers can use your profile and attack your friends. So beware of messages asking for personal information.

Ron Teixeira, National Cyber Security Alliance: "Legitimate companies do not ask for personal information via email."

Also, never email any account information. If you're asked to login a second time, make sure the URL is correct, and know who you're dealing with.

Ron Teixeira, National Cyber Security Alliance: "We always suggest that you never download an attachment or click on a link from someone you don't know."

Dan says since his close encounter, he's more careful about what's on his profile.

Dan Leveille, Myspace.com User: "I don't put my first or last name and I don't even give it to people I know because they could not be who I think they are."

Michael says says another important way to protect yourself is to make sure your browser, operating system, anti-virus, spyware, and firewall programs are all up to date.

Previous article - Next article

Other articles
2010/3/18 8:07:31 - Panda Cloud Antivirus Receives ICSA Labs' First Cloud-Based Certification
2010/3/17 15:49:34 - Open-Source Email Security Taken To The Next Level at WebhostingDay
2010/3/17 15:18:40 - McAfee Warns ABout Scareware or Fake Antivirus Software
2010/3/2 5:22:13 - VeriSign and AVG Will Integrate VeriSign Trust(TM) Seal Within AVG LinkScanner(R)
2010/3/1 7:36:12 - New Stealth Software Protects P2P Users From Lawsuits by Copyright Holders
2010/2/24 13:55:16 - New State of The Art Firewall By Palo Alto Networks
2010/2/24 13:50:26 - Beware of Fake Antimalware Programs Like PCsProtector
2010/2/24 13:38:02 - New Registry Cleaner Guide Helps Your PC Perform Faster
2010/2/3 7:32:43 - PC Login Now (Full version) Available Now For Free.
2010/2/3 7:11:57 - Mitto Named One of 20 Top Web Applications

The comments are owned by the poster. We aren't responsible for their content.