"How Safe is Your Success" is a series of eight articles that address different aspects of a universal problem which is of particular importance to those who do business on-line. Most Internet users are at least aware there are dangers "out there", but few appreciate
- the real extent of those dangers,
- the possible (even likely) consequences, or
- the best, most practical and least expensive means of countering them.
This series is intended to at least provide some useful awareness of the situation.
-------------------------
Part 5 - Phishy Tales
The word "phishing" has become something of a buzz word, yet many casual Internet users still do not know what phishing really is or how to identify it. In this part of our series I'm going to use a simple but actual email to demonstrate the most common form of phishing. But first, a bit of background.
Computer and technology dictionary Webopedia.com defines phishing as "The act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft." On the origin of the word, Webopedia says "Phishing, also referred to as brand spoofing or carding, is a variation on 'fishing', the idea being that bait is thrown out with the hopes that while most will ignore the bait, some will be tempted into biting".
OK, but how do you distinguish between a phishing eMail and a real message from, say, your bank or credit card provider? A phishing message may look very legitimate, with all the right logos and so on. Even most of the links may be the real thing. Although there are often tell-tales such as poor spelling or bad grammar, many examples of this scam do appear to be perfect in every respect. The only way to see what is really going on is to look "under the covers".
What the scammer is trying to do is get you to click on a link that will take you to a website which is different to the one you think it is going to take you to. At this dummy page the scammer will try to get you to enter sensitive information such as credit card or on-line banking details.
With plain text emails, what you see is what you get. If a link says "www.CitiBank.com" then that is exactly where it will take you. But all is not so transparent with the links in an HTML email. With HTML the only way to tell where a link will really take you is to look at the HTML code that underlies the message. And "No", you cannot tell by hovering your mouse cursor over the link and looking at the status bar. The status bar message can be faked very easily.
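As an added example (not from the article or its author), here is a small Python script that does the "look under the covers" check mechanically: it parses a constructed HTML email body, assumed here rather than taken from the article's scam message, and flags any link whose visible text names one host while its href points at another, or which rewrites the status bar on mouse-over.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample HTML email (assumed here, not the article's scam message): the visible
# link text says CitiBank, the href goes elsewhere, and onmouseover rewrites the status bar.
SAMPLE_EMAIL_HTML = """Please verify your account at
<a href="http://203.0.113.5/cgi-bin/login.php"
   onmouseover="window.status='https://www.CitiBank.com/'; return true;">
   www.CitiBank.com</a><br>Help: <a href="https://www.CitiBank.com/help">Help Center</a>"""

class LinkCollector(HTMLParser):
    """Collect each <a> tag's href, visible text and mouse-over handler."""
    def __init__(self):
        super().__init__()
        self.links = []       # finished links
        self._current = None  # link whose text we are currently inside

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            a = dict(attrs)
            self._current = {"href": a.get("href") or "", "text": "",
                             "onmouseover": a.get("onmouseover") or ""}

    def handle_data(self, data):
        if self._current is not None:
            self._current["text"] += data

    def handle_endtag(self, tag):
        if tag == "a" and self._current is not None:
            self._current["text"] = " ".join(self._current["text"].split())
            self.links.append(self._current)
            self._current = None

def host_of(text):
    """Lower-cased host named by a URL or by URL-looking link text ('' if none)."""
    candidate = text if "://" in text else "http://" + text
    return (urlparse(candidate).hostname or "").lower()

def suspicious_links(html):
    """Flag links whose visible text names one host while the href goes to
    another, plus links that script the status bar on mouse-over."""
    parser = LinkCollector()
    parser.feed(html)
    flagged = []
    for link in parser.links:
        looks_like_url = "." in link["text"] and " " not in link["text"]
        if (looks_like_url and host_of(link["text"]) != host_of(link["href"])
                or "window.status" in link["onmouseover"]):
            flagged.append((link["text"], link["href"]))
    return flagged
```

Run against the sample, the script returns the CitiBank-labelled link with its real 203.0.113.5 destination and ignores the "Help Center" link, whose text and href agree; this is precisely the mismatch the status bar would have hidden.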
All eMail client programs of which I am aware provide some means for you to look at the HTML code. In Outlook, for instance, you can right-click on the body of the message and select "View Source" from the pop-up menu. I've selected the scam eMail I'm going to use because it is a very simple example without too much HTML code to complicate the picture. The original eMail as it appeared in Microsoft Outlook can be seen here: http://HackersNightmare.com/FreeContent/Other/phishing1.jpg
In a moment I'll show you the HTML code associated with that eMail. Don't worry if you don't understand HTML code at all; I'll explain the few important parts. But first, just a bit of general information to help you make sense of what you see.
In HTML code, anything that is between a left-angle bracket < and a right-angle bracket > is called a "tag". A tag is the actual code that tells the web browser how to display the message text. In this simple example there are only a few tags in use, and only one of them is very important to us. The tags in use in the example email are:
<.IMG SRC=...> The text following the equals (=) sign will be the location of an image that is to appear at this point on the page. The tag must then be "closed" with a right-angle bracket >. See Lines 1 and 2.
<.BR> A line break. Several in a row make a series of line breaks, e.g. line 3. NOTE: The dot before BR is not part of a real HTML Tag. It is inserted so some editors will not interpret the text as a real Tag.