This is really common, but the scariest thing is that many of these spoof
sites do not use copies of the logos, buttons, ads, etc., but rather have
their phony website point to the same files as the real company's website
points to. This means their site not only looks virtually perfect, but it
will even update counters and other changing features just like the real
company's site. Combined with the ability to spoof web addresses so that
they VERY closely resemble the real company's web address, many people are
scammed. Gone are the days when bad translations and goofy web addresses
made it easy to tell the fakes from the real thing. There are a number of
security products that will warn if a bad website comes up, but these are
never 100% reliable. I'm afraid we're all going to have to become our own
best security consultants.
While I'm on the subject, one of the biggest current threats is the hacking
of corporate servers and the theft of confidential user files including
usernames and passwords. I've personally received at least a half dozen
warnings, either by snail mail or email, from companies whose servers I
have/had a user account on, and I don't maintain that many user accounts.
It has become more important than ever to make sure that usernames and
passwords are unique for each site on which you have an account. It is a
giant pain in the ass, but becoming more important every day. Fortunately,
there are a number of free or very inexpensive username/password vault
programs out there that will automate the input of usernames and passwords,
so you only have to remember the password you use for the vault. A quick
search on "password protection" or "password vault" should bring up a
selection of such programs.
It is also important to use firewalls, either software or hardware,
(preferably both) that are "packet state" firewalls. Windows firewall is
good, but firewall protection from many of the anti-virus security companies
is better. And we all have up to date anti-virus protection, right?
Sorry for the length, but I felt it was important.
Stay Safe,
Greg Tibbetts
-----Original Message-----
From: tigers-bounces@autox.team.net [mailto:tigers-bounces@autox.team.net]
On Behalf Of Thomas Witt
Sent: Tuesday, June 28, 2011 6:56 PM
To: tigers@autox.team.net
Subject: [Tigers] Ebay email warning
I know a lot of folks use Ebay on this list. So, I thought I would pass on
this warning:
I got an email (seemingly through Ebay) that was from some guy asking me it
the car I recently sold (which I had) was still for sale. The email looked
just like an Ebay email does. I was going to answer him thinking everything
was OK because I was using the Ebay "Respond" button in the email. This of
course causes the Ebay "Sign In" to come up. Normally my Ebay User Name
comes up and all I have to do was fill in the Password. This time there was
no User Name pre filled in the box. It seemed a bit strange and... I looked
up to see that the internet address did not look like the Ebay sign in
address (though it had the Ebay emblem in the address bar).
I quickly closed the page. I was a few keystrokes away from thinking I was
answering a legitimate Ebay question - but giving the guy my Password
instead. A quick check of my Ebay account "In Box" showed the guy had never
sent the email through Ebay!!!
Tom
_______________________________________________
tigers@autox.team.net
Donate: http://www.team.net/donate.html
Archive: http://www.team.net/archive
Forums: http://www.team.net/forums
Unsubscribe: http://autox.team.net/mailman/options/tigers/nospam@tibnet.org
_______________________________________________
tigers@autox.team.net
Donate: http://www.team.net/donate.html
Archive: http://www.team.net/archive
Forums: http://www.team.net/forums
|