Saturday, December 19, 2009

Catching phish

Phishing - the art of crafting a bogus email in such a way that significant numbers of people will click on links inside it, even when they should know the email did not come from the person or group it claims to represent.


First, let's take a look at the information you see when you first glance at the email:


The simple things to look for

This one is actually pretty obvious. I've never worked for Schlumberger or belonged to their employee credit union (they do have one), so I can safely assume I have no account data to verify. But if that wasn't enough, look at the actual 'from' address. The email is supposedly from Schlumberger, but the email address is rrluee@accounts.net, which is unlikely to be an address used by Schlumberger. Additionally, the 'to' address isn't my address, but service@orange.fr.


That's all good in a case like this, but what if it's not so obvious? Phishers can forge links, 'to' and 'from' headers, and even the golden 'security lock' that's supposed to tell you when you're connected to a secure site. What if you get emails claiming to be from eBay or PayPal that don't seem right, but look really good? There are a couple of rules to go by in a situation like that:


First, if they are asking you to click a link to verify an account, they are probably bogus.


Second, never click a link in an email that is asking you to verify anything. Look the company's number up and call them, or look up their website in a search engine, but don't use the links or any other contact information given in the email.


Third, if you do click on a link, check the URL in your browser. If you were going to PayPal and get http://www.getstuff.com/paypal, you're probably on a bogus site.
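The three checks above (sender domain, recipient address, and link host versus the brand named in the link) can be automated with nothing but Python's standard library. This is an added example, not code from the original post; the sample message is constructed from the addresses and link quoted above, and the claimed sender domain "credit-union.example" and the recipient "me@example.com" are placeholders. The link check goes slightly beyond the post's case: it also flags hosts that merely contain the brand name, such as a brand domain used as a subdomain of some other site.

```python
import email
import email.utils
import re
from email import policy
from urllib.parse import urlparse

# Constructed sample modelled on the message in the post; addresses and link are the ones quoted there.
SAMPLE_EMAIL = """\
From: Schlumberger Employees Credit Union <rrluee@accounts.net>
To: service@orange.fr
Subject: Please verify your account
Content-Type: text/plain

Your account data needs verification. Click http://www.getstuff.com/paypal
to confirm your details.
"""

URL_RE = re.compile(r"https?://[^\s<>\"']+")

def host_matches(host, domain):
    """True when host is the legitimate domain itself or a subdomain of it."""
    return host == domain or host.endswith("." + domain)

def check_email(raw, my_address, claimed_domain, brands):
    """Run the post's three checks; return a list of warnings (empty means none tripped)."""
    msg = email.message_from_string(raw, policy=policy.default)
    warnings = []
    # 1. The 'From' address should sit in the domain the mail claims to speak for.
    _, from_addr = email.utils.parseaddr(msg["From"] or "")
    from_host = from_addr.rsplit("@", 1)[-1].lower()
    if not host_matches(from_host, claimed_domain):
        warnings.append(f"from-address {from_addr} is not in {claimed_domain}")
    # 2. The 'To' address should be yours, not a stranger's.
    _, to_addr = email.utils.parseaddr(msg["To"] or "")
    if to_addr.lower() != my_address.lower():
        warnings.append(f"to-address {to_addr} is not {my_address}")
    # 3. A link whose path mentions a brand but whose host is not that brand's domain
    #    (host_matches also rejects hosts that only contain the brand, e.g. brand.com.other.example).
    part = msg.get_body(preferencelist=("plain",))
    body = part.get_content() if part is not None else ""
    for url in URL_RE.findall(body):
        p = urlparse(url)
        host = (p.hostname or "").lower()
        for brand, domain in brands.items():
            if brand in (p.path + p.query).lower() and not host_matches(host, domain):
                warnings.append(f"link {url} mentions {brand} but is hosted on {host}")
    return warnings

if __name__ == "__main__":
    # "credit-union.example" is a placeholder for the claimed sender's real domain.
    for w in check_email(SAMPLE_EMAIL, "me@example.com", "credit-union.example", {"paypal": "paypal.com"}):
        print("WARNING:", w)
```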


I hope this was helpful. Remember, if they want you to provide information via email or a link from email, be wary.