Blackhacker

Netcraft is reporting an ongoing phishing attack against Citibank customers that use Two Factor Authentication. You have to admire the elegance of the attack. The article does a good job of describing the attack, so i won’t do it here. But I will add the most successful data security breaches focus on the weakest part of any security system … the human element. Phishing is no different. Here are some tips to keep you safe from phishing:

1. Be wary of emails that ask you to update user information. Most legitimate financial sites, like banks and credit cards have disaster recover plans. Information is backuped daily, and shipped off site for safe keeping. They will NEVER have to ask you to update information because of “computer failure.” It is unheard of in the industry these days. In fact it is against the policy of Ebay, to even send such a message. So when you receive such and email reporting to be from Ebay, or Paypal, simply forward it to spoof@ebay.com or spoof@paypal.com respectively and then delete it.
2. Don’t click on links in emails to websites where sensitive info is stored. That is exactly how phishig is accomplished. Instead bookmark for easy access the sites where sensitive personal data or finances are stored, like your bank, credit card, and paypal accounts.
3. Download and install the Netcraft Security Toolbar. It displays a risk ratings of every website you visit. And warns you when you try to access a suspected phishing site.

This entry was posted on Monday, July 17th, 2006 at 10:01 am and is filed under Computers and Internet. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.