31 Comments
- sockpuppets, on 10/12/2007, -1/+14
"Yes, even savvy Web users can get scammed."
Sorry, but no. Never give out your details, it's that simple. Nobody from AOL, or eBay, or paypal or your bank is going to ask you for it.
- tempusrob, on 10/12/2007, -0/+6
If Common Sense were as common as its name implies, phishing wouldn't be the "industry" that it is. ;)
- DaneTrain, on 10/12/2007, -0/+6
Right...... I'm sure someone prone to phishing is going to remember 44(!) tips to prevent it. Jesus, it's really not that hard if you have any computer experience at all, just use common sense.
- skylights, on 10/12/2007, -0/+6
It's a really nice list, but I'm surprised it doesn't mention some of the most common defenses.
1. Use Firefox 2.0 with its built-in phishing protection.
2. Use the Netcraft anti-phishing toolbar for a second layer of protection.
Also, I would recommend:
3. Use OpenDNS with PhishFarm for yet another layer of protection.
- brstilson, on 10/12/2007, -0/+3
I read maybe the first 5 and just glossed over the rest. This list is too long.
- brstilson, on 10/12/2007, -0/+3
It's blocked now, but it wasn't a few days ago:
http://www.kokoroplanet.jp/NCUA/
My point is that just using Firefox isn't an adequate security measure to protect yourself. It takes time for any phishing site to be registered. If I were a dumber person a few days ago, Firefox wouldn't have protected me, and I would be out a lot of money.
- UncleCrapper, on 10/12/2007, -0/+2
I agree with brstilson, the list is ridiculously long. You really only need one or two rules:
First rule, if it's important, THEY WILL CALL YOU or put change of log on information in the log on web page itself (the bank, your credit card companies, etc.) Why the ***** do people fall for this *****?
Second rule, at the very least call your bank or credit card company to confirm an email. When in doubt, refer to the first rule. Although that was listed as one of the tips.
What I find funny is living in Canada I get obvious phishing emails "reminding" me to change my Bank of America or Chase Manhattan account log on information. Sure, no problem. Just as soon as Bank of America or Chase Manhattan open up banks in Canada.
- Skinner72, on 10/12/2007, -0/+2
1. Don't be a dumbass.
- PueSi, on 10/12/2007, -0/+2
The Firefox phishing protection works incredibly well, I have yet to enter a phishing site without a warning popping out.
Internet Explorer 7 also has one doesn't it?
- BalsamLane, on 10/12/2007, -0/+2
Name: Richard Milhous Nixon
DOB: 1/9/1913
SSAN: 567-68-0515.
Oops, I shouldn't give my personal information out on the internets....
- kelek, on 10/12/2007, -0/+2
Simple tip to avoid phishing:
1. Don't click on anything in an email, ever.
There's really no need to. Just go to the site directly. If it's not spam (where clicking on spam only encourages more spam), it's phishing. If you really have an itch you need to scratch over an email you receive, directly go to your bookmark for that service that you already use, Google the site first, or manually type in the address if you remember it.
If that's too much work, then that's what you get for being lazy.
- encognito, on 10/12/2007, -0/+1
I always chuckle at the feeble phishing scams I receive. I routinely get one about paypal. It's funny because 1) it is addressed to Jason Vorhees, 2) it's sent to my dummy spam e-mail address which paypal has no record of and 3) it couldn't even make it to the inbox, it's in the spam folder of the dummy spam e-mail address so I would never see it unless I was specifically looking for spam. Furthermore, I use KeePass which stores all of my legit links along with the appropriate password and login name. I almost never have to type in URLs so there is no temptation to click on bogus URLs in some spam e-mail anyway. The only thing I am concerned with is sophisticated man-in-the-middle attacks. I have read scenarios where they even have the https address and legitimate looking security certificates. How do you reliably and quickly ferret out those sites?
- cyberscape2, on 10/12/2007, -0/+1
"My point is that just using Firefox isn't an adequate security measure to protect yourself."
That would be why it was the first of three suggestions. :P
I do agree with you, though. But the best defense against phishers is simply common sense and a small bit of computer skill.
- IHaveIssues, on 10/12/2007, -0/+1
"That's funny, my Firefox 2.0 didn't "protect" me from the phisher site I visited the other day."
Post the URL here.
- synth3tik, on 10/12/2007, -0/+1
If I have to think "Hmmm is this legit?" then I know it's not.
It's the same way I prevent myself from getting fired
- brstilson, on 10/12/2007, -0/+1
"The .jp domain name didn't raise any suspicions in you at all????"
Of course it did, but Firefox didn't block it. That was my point. A lot of people don't pay attention to URLs and even less would know what .jp means. Using Firefox alone wouldn't have protected them two days ago.
- solarpowered, on 10/12/2007, -0/+1
Only 44 tips to remember?
I guess that's OK, I've got nothing better to do than remember all that.
- Twango, on 10/12/2007, -0/+1
44 tips? Gosh, sure that's enough? I think Firefox has taken the right approach to this - I don't really want to become *that* literate on the subject. Lamed.
- tenken, on 10/12/2007, -0/+1
@Teaboy: That may help you with recognizing phishing sites, but it also opens you up completely to being hacked right from your own computer. Having browsers save passwords should never be considered a "security" feature.
- seoimage, on 10/12/2007, -0/+1
I like the Firefox Netcraft Toolbar which stops Phishing Sites.
http://toolbar.netcraft.com/
- inactive, on 10/12/2007, -1/+1
#45. Don't be a moron and check if the URL in the address bar matches the content of the page.
- thewebguy, on 10/12/2007, -1/+1
44 tips? that's sort of a lot..
- bbland, on 10/12/2007, -0/+0
45. Don't add Tom's new profile
- IHaveIssues, on 10/12/2007, -1/+1
"http://www.kokoroplanet.jp/NCUA/"
The .jp domain name didn't raise any suspicions in you at all????
- Thex1138, on 10/12/2007, -1/+1
When you get a suspicious 'Phishing' email from 'your' supposed bank...right-mouse click and view source...
Then check the link to the web site...if the hyperlink doesn't match the actual link to your bank...then delete it.
- bobgb4, on 10/12/2007, -3/+3
Only one step is required...
1. Look at the website in the address bar and make sure it is valid.
- sasche, on 10/12/2007, -0/+0
that's bull ***** mates
- Teaboy, on 10/12/2007, -1/+1
I have most of my passwords set to remember automatically, so I know that if the fields are blank, I'm probably not on the right domain and I should look at the address bar. It's that simple.
- Yggdrasil, on 10/12/2007, -0/+0
@bobgb4
@foobar5892
There have been browser vulnerabilities in the past that have allowed the spoofing of the address bar, so it may be a little more complex than looking at the URL. sockpuppets is much more correct, these businesses are not going to be sending you emails asking for your pin number.
- brstilson, on 10/12/2007, -2/+1
"1. Use Firefox 2.0 with its built-in phishing protection."
That's funny, my Firefox 2.0 didn't "protect" me from the phisher site I visited the other day.
- inactive, on 10/12/2007, -23/+1
TOTALLY OFFTOPIC BUT NEED HELP FINDING THIS SOFTWARE A DIGGER POSTED A WHILE AGO
Does anybody know the invite only (I think) rss reader...the website had screenshots of it in windows vista, and included popup mouse feature for news, a label on top for news, and others, I can't find it anywhere!
THANK YOU

