"How Safe is Your Success" is a series of eight articles that address different aspects of a universal problem which is of particular importance to those who do business on-line. Most Internet users are at least aware there are dangers "out there", but few appreciate real extent of those dangers, possible (even likely) consequences, or best, most practical and least expensive means of countering them. This series is intended to at least provide some useful awareness of situation.-------------------------
Part 5 - Phishy Tales
The word "phishing" has become something of a buzz word, yet many casual Internet users still do not know what phishing really is or how to identify it. In this part of our series I'm going to use a simple but actual email to demonstrate most common form of phishing. But first, a bit of background.
Computer and technology dictionary Webopedia.com defines phishing as "The act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam user into surrendering private information that will be used for identity theft." On origin of word, Webopedia says "Phishing, also referred to as brand spoofing or carding, is a variation on 'fishing', idea being that bait is thrown out with hopes that while most will ignore bait, some will be tempted into biting".
OK, but how do you distinguish between a phishing eMail and a real message from, say, your bank or credit card provider? A phishing message may look very legitimate, with all right logos and so on. Even most of links may be real thing. Although there are often tell-tales such as poor spelling or bad grammar, many examples of this scam do appear to be perfect in every respect. The only way to see what is really going on is to look "under covers".
What scammer is trying to do is get you to click on a link that will take you to a website which is different to one you think it is going to take you to. At this dummy page scammer will try to get you to enter sensitive information such as credit card or on-line banking details.
With plain text emails, what you see is what you get. If a link says "www.CitiBank.com" then that is exactly where it will take you. But all is not so transparent with links in a HTML email. With HTML only way to tell where a link will really take you is to look at HTML code that underlies message. And "No", you cannot tell by hovering your mouse cursor over link and looking at status bar. The status bar message can be faked very easily.
All eMail client programs of which I am aware provide some means for you to look at HTML code. In Outlook, for instance, you can right-click on body of message and select "View Source" from pop-up menu. I've selected scam eMail I'm going to use because it is a very simple example without too much HTML code to complicate picture. The original eMail as it appeared in Microsoft Outlook can be seen here: http://HackersNightmare.com/FreeContent/Other/phishing1.jpg
In a moment I'll show you HTML code associated with that eMail. Don't worry if you don't understand HTML code at all I'll explain few important parts. But first, just a bit of general information to help you make sense of what you see.
In HTML code, anything that is between is called a "tag". A tag is actual code that tells web browser how to display message text. In this simple example there are only a few tags in use, and only one of them is very important to us. The tags in use in example email are: equals (=) sign will be location of an image that is to appear at this point on page. The tag must then be "closed" with a right-angle bracket >. See Lines 1 and 2.
<.BR> A line break. Several together is a series of line breaks. E.g. line 3. NOTE: The dot before BR is not part of a real HTML Tag. It is inserted so some editors will not interpret text as a real Tag.