Article:  Recognize phishing scams and fraudulent e-mail - Business Wholesale Distributor Products Forum

SmallVolume · 07-13-2009, 04:36 AM

-Originate from:http://www.microsoft.com/

Phishing is a type of deception designed to steal your valuable personal data, such as credit card numbers, Windows Live IDs, other account data and passwords, or other information.

You might see a phishing scam:

• In e-mail messages, even if they appear to be from a coworker or someone you know.

• On your social networking Web site.

• On a fake Web site that accepts donations for charity.

• On Web sites that spoof your familiar sites using slightly different Web addresses, hoping you won't notice.

• In your instant message program.

• On your cell phone or other mobile device.

Often phishing scams rely on placing links in e-mail messages, on Web sites, or in instant messages that seem to come from a service that you trust, like your bank, credit card company, or social networking site.

SmallVolume · 07-17-2009, 01:02 AM

 How to spot a fake web site – Phishing

In computing, phishing is a criminal activity using social engineering techniques. Phishers attempt to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an electronic communication.

Ever got an email asking you to urgently update your account? And you get these kind of mails several times…Welcome to Phishing zone.

Tips on How to find a fake website
Check Security Signs while doing any money transaction

You must always look for “https” on any site you use to enter sensitive information. This includes login pages, online shopping sites and bank web sites. Mind you there is one extra “s” in bold which tells actually that server is secure. Notice the closed padlock on the lower right corner of the browser window.If you click on it, it will open a window that gives you more details regarding the certificate. Every company that asks you for sensitive information must have a digital certificate, preferably one from an established certificate authority.

SmallVolume · 07-17-2009, 01:03 AM

 Identifying "Spoofed" Websites

By Vince Barnes originate from:http://www.htmlgoodies.com/

Are you certain that the site you are looking at
is what it appears to be? Is it coming
from the company it claims to?
The Crime

You click a link on a page or in an email you have received. And why not? The email is from the bank, it has their familiar logo and all their usual wording in it. The clicked link takes you to a page with the usual account login fields for you to put in you username and password. The URL up in the address bar is the usual URL for your on-line banking and so you're pretty comfortable. You type in your username and password but for some reason it doesn't take. You try again and you're logged in in the usual fashion and see all your account details. Everything is as it should be. Or is it?

Unfortunately, it is very possible that you have just become a victim of a crime involving a "spoofed" website address and the contents of all your bank accounts are now at risk. How does it work, and what can you do to protect yourself? Let's take a look.

The criminal starts by obtaining a legitimate email from the bank in question. This could have come from an actual account they or one of their associates opened, or it may have come from the email program in a lost or stolen notebook or home computer. They also copy the login page from the bank. Using phony ID they set up a site on a hosting company somewhere and put up the copy of the login page, but with some code written into it to capture the entered username and password and transfer the visitor to the legitimate login page.

Next, they send out the emails with some pretext that requires you to login and check something on your account. The emails have spoofed sender and return addresses so that they look like they came from the bank. The link in the email uses another spoofing technique to display the legitimate website address in the address bar and status bar of your browser while actually displaying the fake page. You click it, it takes you to the fake page, but everything looks normal to you. You type in your username and password; the fake page captures your identification and sends you over to the legitimate login page. Depending on the way the bank's site (or auction, or web payment or any other financially useful page) is constructed, it might also be possible for the fake page to pass your identification over to it so that it logs you right in without you having to type it a second time.

SmallVolume · 07-17-2009, 01:04 AM

Here I put some articles together for you to read to avoid those fake or spam websites.

Hope they would be helpful. Also you may put forward some your own ideas on it.

pete · 07-17-2009, 12:11 PM

That is fine, but if you copied those articles from other places it is correct to say that they are not original with you and state where you copied them from.

2 reasons - The person who did write them should get credit

And everything on websites and forums is copyrighted and should not be copied without permission.

SmallVolume · 07-23-2009, 04:15 AM

Thanks and sorry, and next time when I collect some good articles I will record the original writer and source.

Thanks for remind again.