Forum Navigation

Phishing: More info and how to try and prevent it

Post new topic   Reply to topic    Zombie Nexus Forum Index -> Security
View previous topic :: View next topic  
Author Message
Site Admin

Joined: 26 Nov 2002
Posts: 5118
Location: Enfield, London, UK

PostPosted: Fri Aug 26, 2005 11:16 am    Post subject: Phishing: More info and how to try and prevent it Reply with quote

With all the recent talk about phishing on ZombieNexus, I thought I'd share what I know about it and some useful resources.

The best place to go for information on Phishing is APWG (the Anti-Phishing Working Group). They have up to date info on the current and past phishing scams, as well as a phishing scam submission engine.

As the rule goes, prevention is better than cure. So the idea is not to receive the phishing emails in the first place. Phishing is basically a very evil and illegal for of SPAM, so basically you need to apply similar technologies or methods to prevent it. If you receive a lot of SPAM, maybe its time to get a new email address. General rules to preventing SPAM:

  • Don't give your email address out easily, only when absolutely necessary
  • Have a separate account for things like forums, registered access only sites and for when you have to give your address to download something
  • Don't use the above account for purchases

However, no matter how hard you try, you will get SPAM sooner or later. Web-mail providers like Hotmail and Yahoo provide pretty good junk mail (SPAM) filters, Google's G-Mail goes one better and also has a phishing reporting tool. Many ISP's may provide SPAM filtering too, but it often has to be turned on in your account settings, so contact them or look at their support pages for more information.

You can also install a local SPAM filter. These won't save your bandwidth, so if you receive SPAM you will still have to download it from the mail server and let your local SPAM filter take a look at it, but it will help by classifying anything that gets to your mailbox as SPAM or not. I have used a few over the years. There are many FREE ones out there, so have a good look around. These ones I have used and seem to work OK:

Netcraft produce an Internet Explorer and Firefox Anti-Phishing toolbar. This seems to work pretty well, and also allows you to report phishing attempts. I've also heard that Netcraft reward the reporting of new scams with things like mugs and t-shirts which is a nice little incentive.

This will certainly help in the meantime while the browser makers try to implement their own, more robust built-in systems. I know Internet Explorer 7 will definitely include quite a bit of anti-phishing technology, and I expect future versions of Firefox will too. Opera already has some anti-phishing technology built in, but I expect Opera to make it more sophisticated as time goes on the the phishing gets worse.

You can also report phishing scams directly to several organizations. Generally you can forward the emails to the APWG, but most big companies like eBay and PayPal have email addresses for scam reporting too.


Finally, if you want to know more about phishing, theres a very in-depth article on it at HoneyNet. I warn you that its long and quite in-depth, but its very detailed and useful if you want to understand phishing better.

Quote:"The question is not whether or not you're paranoid, its whether or not you're paranoid enough.'' Max, Strange Days
System: DFI LanParty UT NF4-Ultra, Athlon64 X2 4400+, GeForce 7800GTX 256Mb, 2Gb Corsair XMMS3500C2PRO, Creative X-Fi.

Back to top
View user's profile
Display posts from previous:   
Post new topic   Reply to topic    Zombie Nexus Forum Index -> Security All times are BST
Page 1 of 1

Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum

ZBN Codebase (version 3.4.6)
Copyright © 2001 - 2009 Fraser Pearce & Graeme Wheeler. All Rights Reserved.
All trademarks and logos are the property of their respective owners.

Powered by phpBB © 2001, 2005 phpBB Group
Enhanced by these phpBB Mods and Hacks