次の方法で共有

Would you fall for www.paypa1.com?

  • [アーティクル]

It might be slightly off topic for this blog, but as phishing attacks are such unpleasant things I thought it worth mentioning this really good article that a colleague forwarded to me.

It talks about why people fall for phishing attacks and how we might start to address the problem. How closely do you really look at URLs? Would www.paypa1.com fool you into thinking it was www.paypal.com?

Or that www.bankofthevvest.com was www.bankofthewest.com?

The report also points out how easy it is for spoofers to put false images like padlocks and https refereneces into the status bar, and how many people fall for that.

Well worth a read, and kind of sobering. I like to think I'm wise to these attacks but I'm sure on a bad day I could easily fall for some of these tricks.

Take a look at our anti-phishing site for more info.

It's also worth pointing out that if you use the MSN Toolbar with IE6 there is an add-in for that http://addins.msn.com/phishingfilter/

Comments

  • Anonymous
    April 24, 2006
    Microsoft has a "newerer" program to combat this problem from your Typo-Patrol group.

    http://research.microsoft.com/URLTracer/

  • Anonymous
    April 24, 2006
    Thanks for that, I hadn't seen it before.

  • Anonymous
    June 15, 2006
    Paypa1 (That is the number 1) has been sending me emails to get my real paypal credit card number by saying that my new email address has been changed to skramer396@yahoo and they need me to sign in with all my infromation to verify the change.  Of course, they are trying to get my credit card info.

    Just thought you might to add this to your information on them.

  • Anonymous
    June 21, 2006
    Thanks for the info Don.

  • Anonymous
    October 22, 2006
    or you could get IE7 @   ................. http://www.microsoft.com/windows/ie/downloads/default.mspx

  • Anonymous
    July 08, 2007
    i've had someone contact me about an ad on the site www.buyandsell.net on my mobile phone then sending me fake paypal fund receipt mails with paypa1. he now texts me every few days demanding i ship the laptop to him, but of course no money was ever sent.