In order to properly spot an Internet phishing scam, you need to know what it is.  When someone or some organization is phishing, they are attempting to obtain confidential information under false pretenses with the objective of stealing credit card numbers, passwords, or other personal or financial data.  With this in mind, spotting an Internet scam may be extremely difficult for a novice Internet user like grandma, grandpa, or anyone who isn’t familiar with the Internet or someone who doesn’t know what may or may not be legitimate online.

When you finish reading this article, you will:

  • Know how to spot and avoid phishing scams 100% of the time
  • Know what to do with phishing attempts against you
  • Know what to do should someone you know become a victim

Pay close attention to every word of this article; it may save you and others a lot of headache later.

Phishing scams is nothing new.  If you use Google Trends, you will see that the term “phishing” and “phishing scams” can be found in news articles ever since Google started tracking them in late 2003, early 2004.  You will also notice that the search trend for the term “phishing” took off in the second quarter of 2004.  The search for the phrase “phishing scam” only took off in the first quarter of 2005.  At the time of this writing, June 2009, there continue to be several news articles regarding the rise of phishing scams.  Here are some recent ones just to give you a feel:

  • Phishing Scams can Wipe Out your Bank Account (19 Jun 2009) – The lure of money can convince some people down on their luck to send in their bank account information in hopes to get free money.
  • Internet Job Scams (19 Jun 2009) – Job postings online lure job seekers into providing confidential information online
  • Phishing Disguised as Virus Warning(15 Jun 2009) – Users are University of Arkansas being scammed of their account information through an e-mail warning users of a virus
  • E-mail Account Phishing Scam hits Penn State (08 Jun 2009) – Penn State users being scammed through an e-mail that purports to come from the Penn State helpdesk; e-mail requests users to divulge their account name and password.

It may seem that one has to have some degree of computer and Internet literacy to spot a phishing scam.  Fortunately, that isn’t the case.  It is extremely easy to spot these scams; all you need to remember are two simple rules.

These two rules will help ensure you have a 100% hit on your ability to spot any phishing scams.

  • If it is too good to be true, it probably is.
  • Any unsolicited communication (e-mail, text, social networking message, or any other forms of communication) requesting for confidential information or asking you to click a link to sign in is an attempt at phishing.

You can apply these rules against the examples below and see how easy it is to spot a scam:

  • You receive an e-mail stating that there is some inheritance that is to be released to you; however, they need to receive your name, address, phone/fax, age, and occupation in order to release the funds to you.
  • You receive an e-mail from Mrs. Aaisha Ali Abaul who is dying and who happens to have inherited millions of dollars.  She would like to give you her millions as her last good deed; of course you will need to provide her your bank account information in order to transfer the millions
  • Bank of America sends you an e-mail stating that you need to verify your account information.  A login link is provided for your convenience.
  • PayPal sends you and email stating that your account has been breached.  They ask you to login in order to correct the problem, and they conveniently give you a link to help you do this.
Now that we know how to spot phishing scams, dealing with their disposition is very straight-forward and easy.  Simply, if they are in your e-mail box or message inbox, simply delete them.  If you cannot delete them, simply ignore them.  By all means, do not respond to any of these communications as it lets the “scammers” know you are a live one.
At this point in the article, you should never become a phishing scam victim; but what if a relative or close friend becomes one?  It is never to late to learn, so have them read this article as well and learn.  Then have them read the article at the Federal Trade Commission web site on Defend: Recover from Identity Theft. This site provides a wealth of information on what to do.
If you don’t remember anything else from this article, just remember this:  “If it’s an unsolicited communication, it is very likely a phishing scam in one form or another.”

Protect your computer

Protect your computer/confidential information

Introduction

These days, there are so many bad or nasty things your computer can catch or stumble into from the Internet without even trying.  Virus, malware, trojan, spyware, and malicious web sites are some of the things to avoid. Each is intended to damage files, steal your identity, capture your account information, show you ads, or turn your computer into a platform for launching more infections (worms, virus, adware/spyware).

With so many potential vectors of attack, what is one to do? How is a typical computer user going to fight this onslaught? Well, if you are reading this, chances are you are looking to improve your computer’s security because of some prior bad experience. Guess what, you’ve found the most complete discussion on computer protection ever.

First Line of Defense

In order to protect your computer, you need to acquire a multi-layer set of solutions like the one listed below.  All these are free!

Last Line of Defense

If your first line of defense fails, your last line of defense can help you by protecting your personal or confidential information.

Encryption

If you own a laptop, then you shouldn’t leave home without making sure you are using TrueCrypt–an encryption solution that can help make sure your confidential and personal information are totally secure should you lose your laptop, or god forbid, should it be stolen.  This free open-source software solution allows you to create virtual encrypted disk drives which only you can read.

ID Protection

If you are worried about identity theft and have a few dollars to spare, look into subscribing to a credit or identity protection service like protectmyid.com.  This service sends you alerts whenever there is a change in your credit status–like someone applying for credit under your name!

WARNING:  Bogus Alert!

WARNING: Bogus Alert!

Just recently I noticed something very interesting on my wife’s laptop.  I noticed it because I’m normally the one who install her anti-virus (AV) and other programs.  This one was obvious because there appeared to be another AV program reporting that laptop is being attacked or hacked and that I must purchase it in order to protect the computer from this attack!

The bogus AV is called Spyware Guard 2009.  This one is categorized as a parasite–meaning that it is one heck of a program to remove from your computer.  It is one destructive and nasty parasite because it does the following:

  • Prevents you from going to the Internet
  • screws up the user profile…meaning that if you log out then login, it will tell you that your user profile is missing; effectively you can’t get back to your desktop

It does more, but I didn’t wait too long to find out.

Most users would be easily scammed and overwhelmed by this, but fortunately I’m not most users.  Even then, it was one heck of a parasite to remove.  How did I do it?

I did a lot of searches on the Internet (using another computer).  Most solutions I found provided free scans to find the problem but wanted me to pay to remove.  However, I found a solution that allowed me to scan an remove.   It is called Malwarebyte’s Anti-malware.

It allowed me to scan and identify registry entries and files that were part of this parasite.  Then it gave me the option to remove them.  It couldn’t remove about 5 of them, even after a couple of attempts.  I knew then that I had a relatively new or different strain.

Fortunately, MalwareByte Anti-Malware clearly identified which ones it couldn’t remove.  I tried removing them in Windows safe mode, with no luck–system reports that they cannot be deleted.

As a last resort, I booted using ERD Commander and deleted the bad files and registry entries.  And FINALLY got rid of that parasite.

The last thing I did was removed the administrative rights of my wife’s account.  This should help prevent any future major infection.

I hope this is helpful to others who read this.

I’ve been using the BlueCoat K9 Web Protection product for some time now.  It’s purpose is to help keep you or your kids from going to inappropriate web sites.  The degree of inapropiateness you disallow is dictated by how you configure the filter and what site categories you allow.

Note that if you have kids, this is a perfect companion for your home computer.  The product is free; all you have to do is register to get your free license key.  Download the  product here:

As you may know your standard anti-virus (AV) software cannot generally protect you from malicious websites.  Although the big names in the AV market have implemented such features in the past, those solutions have gotten so bloated that they pretty much make your computer run like a snail.  That is why I’ve pretty much have given up on most of those solutions and have used a more lightweight solution from AVAST!.  AVG provides a lightweight solution as well, and they’ve recently made public their link scanner–called AVG Linkscanner.

This linkscanner is supposed to protect you from malicious web sites by blocking or informing you of a site’s reputation before you even go there.

You can get an online demo of  AVG Linkscanner here:

I’ve installed it at home.  It’s free; let’s see how it does.

Your Anti-Virus (AV) software starting to bog down your computer?  I’ve seen and have experienced this personally.  What did I do?  I uninstalled my AV software and installed something more lightweight like avast! Home Edition

Give it a try, I’ve been using it, and I have been very happy with its performance.

One of the worst things that can happen to you is to lose a flash drive.  The one thing that can is even worst than that is if teh flash drive has confidential information.

Enter TrueCrypt!

TrueCrypt is an encryption product that will allow you to create a secure file which you can access like a drive (e.g. drive G:, M:, or whatever you choose it to be).  In order to mount it like a drive you need to supply a passphrase–which you setup when you build a TrueCrypt file volume.

If you save the TrueCrypt file on a USB flash drive and access it like a drive, you can store your confidential files there.

If you ever lose this flash drive, no one can access the confidential data you have in the TrueCrypt file because they are encrypted.  That solves your problem.  The only thing you need to make sure you do now is make backups of your data so you can recover them should you lose your flash drive; and you won’t have to worry about others seeing your confidential files!