[Daveskater]

As you may know, there are lots of web pages out there masquerading as legitimate pages. Some examples include a fake Hotmail login page, MySpace login pages and emails claiming to be from a bank.

Obviously if you receive an email from a bank that you don't use and they want to "update your information" then it's going to be fake. Clicking the link they provide in the email will send you to a fake page asking for your information, and it will look almost real. Usually when a company that has attempts to steal user's information contacts you via email, they will include some information that only they will know, such as part of your account number or your username.

The best way to protect yourself against pages from trying to steal your information is to check the URL of the page (the link in the address bar e.g. www.techsupportteam.org) and only use links that you know are real. For example, always log in to your web based email from the provider's website, and if you're at all unsure, take a look at the link. The easiest way to check the validity of a link without clicking it, is to put your cursor over it. The program you are using will then display the actual link in the status bar at the bottom of the screen.

As sites get bigger and are used by more and more people, then more attempts to steal member's information are going to crop up. However, if you're careful and don't click links that could be suspect, then you will almost certainly be fine. If you do happen to give your information to an illegitimate site, then go to the real site and change your password, then the people behind the fake one can no longer do anything with your account.

In essence, what I'm saying is check links and pages you're not sure about, and check emails that claim to be from an organization such as a bank or PayPal. Obviously it might take you a while to get into the habit and keep on the lookout for fake pages, especially if you've fallen victim to them before, but try and keep it in your mind whilst browsing the web and you'll be ok.

Happy surfing!

[evilfantasy]

New free Beta tool from Trend Micro.

Trend Micro eMail ID - http://www.trendsecure.com/portal/en..._tools/emailid

Quote:

Trend Micro eMail ID is a browser plug-in that helps you identify legitimate email messages in your inbox. It uses a two-step check to verify the authenticity of messages from hundreds of major companies, and then displays the result in the “from” area so that you'll know what's real. This helps you avoid opening and acting on phishing messages attempting to spoof real companies.

[Daveskater]

That's cool mate, I'm sure it'll be a valuable tool

I juts thought, having an updated HOSTS file can help filter out bad sites, but that obviously only works once you've clicked a link.

[evilfantasy]

The HOSTS file is good, the eMail ID works from your inbox to help identify malicious links.

[Backyard]

There are also Anti-Phishing Sites out there. Such as PhishTank & Millersmiles

[Howard]

Nice plugin Evil, gonna have to try it out.

Regards Howard

[evilfantasy]

LinkScanner Online will inspect it in real-time for whether it is hiding any exploit code and, if so, what exploit.

Use LinkScanner Online to inspect:

• Links forwarded by friends
• Web sites displayed on search results
• Any link with suspicious characters or web site you have never visited