Yellowstone Computing
(715)-669-6136
  • Home
  • Services
  • Support
  • Contact
  • Blog
  • About
  • Reviews
  • Repairs

Computer Scams: Phishing Revisited

2/24/2017

 
As many of our readers know, there are a variety of computer-related scams. This week, we’ll take a look at one of the easiest scams to fall victim to: the phishing attack.

There are several versions of the phishing attack but they generally follow a similar pattern. A victim is presented with an official-looking electronic communication (such as an email or webpage) that requests them to enter certain credentials, often an email address, credit card number or bank login. These credentials are then passed on to the author of the phishing scam for their use.

To give you a better idea of how this works, let’s walk through an actual scenario that recently happened to one of our customers.

Our customer is a CenturyLink customer so when she received an email from them relating to her email account she opened it. The message stated that her email account was approaching its storage limit and she should log in immediately to delete old messages or the system would delete them itself. The email appeared to be legitimate, it had the CenturyLink logo and appeared to come from an official email address. Our customer clicked the included link in the email in order to comply with the message but the page wouldn’t load. After trying several times, the customer contacted me to figure out why she couldn’t access the link in the email. When I examined the message, I immediately noticed several suspicious elements in the message, including some English translation errors. The most obvious sign that this message was counterfeit however, was the link. When I hovered the cursor over it the link was revealed to redirect to a malicious site, NOT a CenturyLink site. So why couldn’t the customer navigate to that site? Fortunately, our customer had purchased Emsisoft AntiMalware and it prevented her computer from accessing the site.

I later examined the link in the message and found it lead to a fake CenturyLink site where the victim would be required to enter their email address and password, as well as other personal information. Armed with these details, the perpetrators would have been able to access our customer’s email accounts and perhaps other secured information.

Emails are a popular vector for these attacks but they also appear on social media sites like Facebook, Twitter and Google+, or can be made to look like official websites like the IRS or your Internet Service Provider. So how can you protect yourself from these attacks?

1.Use a paid anti-malware product such as Emsisoft. Anti-malware software will help to mitigate the number of attacks as well as warn you of potentially dangerous sites. If you do receive a warning, don’t simply dismiss it. Instead, take the time to evaluate the first. If in doubt, check it out or simply give us a call! 

2.Don’t mindlessly click on links! Hover your cursor over the link to see where it actually goes.

3.Don’t search for websites; type their address directly into the address bar of your browser. Typing a website into a search box (such as Google, IRS, or Yahoo) simply runs a search for the site. Since these are popular sites, it is very common to find fake links in the search results. Case in point: searching for the IRS on Yahoo brings results for irs.gov (the real Internal Revenue Service site) and irs.com which, according to their about us page “IRS.com is in no way associated with or endorsed by the United States Department of Treasury or the Internal Revenue Service. It is a non-governmental, privately owned website, operated by Banks.com, Inc.” Sounds like a great place to file your taxes, right?
​
4.Don’t succumb to social engineering. Social engineering is a form of psychological manipulation of people in order to gain the victim’s trust or access to secure information. An example of social engineering would be the Trojan Horse; from which we get the Trojan virus nomenclature. A more modern example would be the popup that says your computer is infected. Most people don’t know whether their computer is infected or not so when someone tells them it is, they tend to believe them, especially when the message is accompanied by unusual behavior on the computer.

5.Use two-factor authentication when possible. Although somewhat inconvenient, this security option does make it more difficult for your accounts to be compromised.

What to do if you HAVE been a victim.
Change your passwords as soon as possible, preferably from another computer. This is because the device you were using may have been infected by a key logger (which tracks what you type) or other malware that can leave you vulnerable. If you gave away any banking or credit card information, call those institutions immediately and explain what happened, they will be happy to help you change your accounts and login credentials to prevent fraud.

Contact Yellowstone Computing to have your computer checked for possible infections and if you haven’t been using a good anti-malware product, get one. We now offer service plans to protect and enhance the performance and security of your computer year-round! Both plans include Emsisoft Anti-Malware, Windows Updates, third-party software updates, system cleaning and maintenance as well as technical support! Pricing starts at just $15.95 per month after an initial setup fee of $49.95 which includes a full Tune-up! Call us today for full details! Mention this article and save 25% on your first month of service!

Comments are closed.

    Yellowstone Computing

    To read about us, click here!

    Archives

    December 2021
    September 2021
    August 2021
    May 2021
    April 2021
    March 2021
    February 2021
    January 2021
    December 2020
    November 2020
    October 2020
    September 2020
    August 2020
    July 2020
    June 2020
    May 2020
    April 2020
    March 2020
    February 2020
    January 2020
    December 2019
    November 2019
    October 2019
    September 2019
    August 2019
    July 2019
    June 2019
    May 2019
    April 2019
    March 2019
    February 2019
    January 2019
    December 2018
    November 2018
    October 2018
    September 2018
    August 2018
    July 2018
    June 2018
    May 2018
    April 2018
    March 2018
    February 2018
    January 2018
    December 2017
    November 2017
    October 2017
    September 2017
    August 2017
    July 2017
    June 2017
    May 2017
    April 2017
    March 2017
    February 2017
    January 2017
    November 2016
    October 2016
    December 2015
    September 2015
    July 2015
    May 2015
    April 2015
    March 2015
    February 2015
    January 2015
    December 2014
    November 2014
    October 2014
    September 2014
    August 2014
    July 2014
    June 2014
    May 2014
    April 2014

    Categories

    All

    RSS Feed

Visit Us!

What Our Clients Are Saying

Joe is really in tune with what our business needs are... what a great guy with amazing skills... - Grassland Veterinary Service

Yellowstone Computing goes above and beyond for their customers! Joe is very knowledgeable and will go the extra mile to make sure his customers not only get what they asked for but also makes sure they are taken care of for many years to come! Between the great business services they provide and their involvement in the Thorp Chamber I'd highly recommend doing business with Yellowstone Computing! Whether you are an individual looking for computer or other technology help or a large employer who needs to either supplement your current IT support or completely outsource it Yellowstone Computing should be one of your first calls! - Justin Z.