Tuesday, March 17, 2015

PHISHER? | Or Just a Spoofer?

Spoofer. Smaller eyes, shorter teeth. Darker fur.
Often less dangerous than a Phisher, but...
It may help to look at the attached photos to appreciate the differences between Spoofers and Phishers.

They have some things in common - like two long teeth on both the upper and lower jaws with which they can rip your throat out and then proceed on a more leisurely basis to the rest of what's left of you.

Both spoofers and phishers are e-thieves.

It pays, therefore, to learn their M.O.'s and take the steps recommended below to prevent yourself being damaged by either of them.

They say good judgment comes from experience... Experience comes from bad judgment. But let's move on.

Spoofers

Spoofers change the apparent sender details on an e-mail and fool you into thinking they are someone they are not. This could just be for fun, or more likely it could have an ulterior motive of getting you to believe that the person they are pretending to be is in trouble. So you may get an email that looks like it is from your classmate Fred, who explains he is in Paris and he lost his wallet and could you please wire cash immediately to Western Union to be picked up by Fred's friend Maham Xuru. Anyone asking you to send money to Western Union is immediately suspicious, because that is a favorite way of getting money.
Phisher. Longer teeth, wider eyes. Longer fur, lighter shade
of color. Does not have your interest at heart.

Phishers

Phishers design emails to try to get you give up sensitive information.

They are more dangerous because if their design works, you may not realize you are giving them access to sensitive information.

Sensitive means passwords that enable e-thieves to remove money from your bank account directly... or charge something to your credit card.

Spoofers and Phishers Work in Teams

The two predators can work together.

You may get an email that looks like it's from someone you know, and then gets emails designed to coax you to give access to passwords to opening your accounts.

Spotting Spoofers

Spoofers are clever at hiding, but there are ways to spot them.

One technique they are using is to include the logos of the companies they are pretending to be. Once upon a time, they would just send an email saying "This is the AOL E-mail Memory Department - you have exceeded your 2 Gigabyte limit - click on the link below to expand your memory or we will close your account." Now spoofer is more likely to include the AOL logo and other indications that this is a genuine warning.

One of the cleverest techniques is to have the e-mail come from the Fraud Prevention Department, or include a link marked "Unsubscribe".  It would be cute or funny if their purpose wasn't so deadly.

Return e-mail addressed may include slightly altered names that substitute a different domain ending or a different letter in the name of the organization - a zero instead of an O, for example.

AOL and other ISPs have been showing headers in e-mails, or allowing this as an option, which makes it easier to spot spoofers.

The worst case is when a spoofer manages to take over a computer. That happened to me. I basically had to buy another computer. Good judgment comes from experience. Experience comes from bad judgment.

Spotting Phishers

Phishers are easy to identify through the trail that they lay out for you. They want you to come to a place where they can jump up at you and finish you off with a lunge at your throat.

Essentially, phishers want to make money by charging a thing, or things, to your account that you will never see, or by simply taking money out of an account.  Spoofing is a stop on the way to achieving their purpose.

They want the phishee to provide personal information through a reply to an e-mail or through filling out a fork on a website.

Protecting Yourself

Before following a link, hover your cursor over it and check that the address matches the one you think you are going to or sending to. Here are the questions that should be going through your mind:
  • What Are They Asking for? Be careful about any email that asks for your social security number or tax identification number, your bank account information, credit card number, PIN number, credit card security code, your mother's maiden name, your birthplace or your favorite pet's name.
  • Is the English Grammatical? Poor grammar or typographical errors may mean the e-mail is being tranlasted automatically from another language or is sent by people for whom English is not their first language.
  • Does the Return Address Look Genuine? If the "received from"or "reply to"  for the e-mail looks strange, start worrying. Most e-mail programs let you look at the source of the e-mail. 
  • Does the Website Look Real? Some phishers set up spoof websites. When in doubt, reply directly to a known e-mail address.  
  • Does the E-mail Address Look Real? Some phishing e-mails include a link that looks as though it will take you to a real account, but it is really a shortened link to a completely different website. If you hover over the link with your mouse when viewing the message in your e-mail client, you often can see the underlying false website, as a pop-up or in the browser status bar.
  • Do They Offer a Chance to "Unsubscribe"? Spammers often use the "Unsubscribe" button to  create a list of valid e-mail addresses for nefarious purposes.
To fight phishing, go here: http://www.antiphishing.org. American Express is dedicated to fighting spoofing and phishing - their security site seems to be open.