-------------------------

Part 5 - Phishy Tales

The word "phishing" has become something of a buzz word, yet many casual Internet users still do not know what phishing really is or how to identify it. In this part of our series I'm going to use a simple but actual email to demonstrate most common form of phishing. But first, a bit of background.

Computer and technology dictionary Webopedia.com defines phishing as "The act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam user into surrendering private information that will be used for identity theft." On origin of word, Webopedia says "Phishing, also referred to as brand spoofing or carding, is a variation on 'fishing', idea being that bait is thrown out with hopes that while most will ignore bait, some will be tempted into biting".

OK, but how do you distinguish between a phishing eMail and a real message from, say, your bank or credit card provider? A phishing message may look very legitimate, with all right logos and so on. Even most of links may be real thing. Although there are often tell-tales such as poor spelling or bad grammar, many examples of this scam do appear to be perfect in every respect. The only way to see what is really going on is to look "under covers".

What scammer is trying to do is get you to click on a link that will take you to a website which is different to one you think it is going to take you to. At this dummy page scammer will try to get you to enter sensitive information such as credit card or on-line banking details.

With plain text emails, what you see is what you get. If a link says "www.CitiBank.com" then that is exactly where it will take you. But all is not so transparent with links in a HTML email. With HTML only way to tell where a link will really take you is to look at HTML code that underlies message. And "No", you cannot tell by hovering your mouse cursor over link and looking at status bar. The status bar message can be faked very easily.

All eMail client programs of which I am aware provide some means for you to look at HTML code. In Outlook, for instance, you can right-click on body of message and select "View Source" from pop-up menu. I've selected scam eMail I'm going to use because it is a very simple example without too much HTML code to complicate picture. The original eMail as it appeared in Microsoft Outlook can be seen here: http://HackersNightmare.com/FreeContent/Other/phishing1.jpg

In a moment I'll show you HTML code associated with that eMail. Don't worry if you don't understand HTML code at all – I'll explain few important parts. But first, just a bit of general information to help you make sense of what you see.

In HTML code, anything that is between is called a "tag". A tag is actual code that tells web browser how to display message text. In this simple example there are only a few tags in use, and only one of them is very important to us. The tags in use in example email are:

equals (=) sign will be location of an image that is to appear at this point on page. The tag must then be "closed" with a right-angle bracket >. See Lines 1 and 2.

-------------------------

Part 6 - Disaster Recovery

This part is a little longer than other seven, reflecting extreme importance of subject matter.

The term "disaster recovery" means different things to different people. Even confined to events that affect usability of computers in conduct of business, a "disaster" can have a wide range of meanings, and "recovery" can vary quite considerably in scope. In this article I am going to restrict meaning of "disaster" to mean data loss.

Nor will we concern ourselves with how data may have been lost, other than to reflect briefly on fact that events that can cause data loss are many and occur frequently. They include fire, flood, earthquake, electrical surge, theft, vandalism, equipment failure, user error, vindictive acts — to name just nine of many possibilities.

Similarly, we'll use only a narrow definition of "recovery", as in "getting back data that was lost". Beyond that, smart entrepreneurs will have at least a rudimentary Disaster Recovery Plan in place. The DRP will include information on where to quickly source replacement computers (perhaps temporary hire) and all other things that will need to be done to get a business up and running again very quickly after a catastrophic event. Under certain policies insurers may require that a Disaster Recovery Plan be submitted for approval before cover is granted. For information on DRPs, also called Business Continuity Plans, just do a web search — there is a lot of information out there. Thinking about such things now may save your business in future.

In practice a diverse mix of methods is used to take copies of important data, ranging from doing nothing (a disturbingly large number) to complex, expensive and dedicated network-attached storage devices. Methods in common use include burning to CD, copying to floppy (rare these days due to large file sizes), copying to another PC on a network, storing to ZIP, JAZ or now obsolete LS-120 drives, detachable USB storage devices, and so on. And of course venerable Tape Backup Unit (TBU). There are dozens of different tape formats, with most common probably being 4 millimeter Digital Audio Tape (DAT). Regardless of tape format or drive type, this method is usually just referred to generically as "tape backup", with only IT professional concerned with specifications.

But no matter which method or storage media you use, backing up critical data is a pointless exercise if that backup remains in computer, in office or even in building. Considering only nine types of disaster I mentioned above, at least six of those can also render your backups useless, along with original data storage, if backup is not taken completely off-site.

Now before you start to get bored, I'm not going to just repeat admonition you have probably heard ad nauseum — to take your backups off-site. If you haven't been doing that up to now, then my harping is unlikely to make you change your ways. And even if you have been taking your backup's off-site, how effectively have you been doing it? Will you in fact be taking yesterday's backup with you when you leave today, and leaving today's backup running? Hey … I understand. Who wants to hang around after work every day for an extra hour or more waiting for a backup to run? And that's if you are using some automated method with a large capacity removable media, such as tape.

If you are manually backing up to some other media, say CD or ZIP drive, then you have even more work to do and no guarantee that you will be getting every important file off every computer.