Keep attackers from phishing in your waters

On the Internet, phishing (also known as carding or brand spoofing) is a scam used by an attacker who sits at a remote computer dangling a malicious Web site on spam e-mail waiting for a naive Internet user to happen by.

MessageLabs recorded a 1,000% increase in the number of phishing attacks they intercepted between June and July of 2004 and that number continued to grow, ending the year 50 times higher than the same period in 2003. Suffice it to say, phishing is a critical problem, particularly for users gullible enough to take the bait.

What can you do to protect Windows from being victimized by phishing scams? You've already had many experts tell you continually patch systems and get rid of Internet Explorer -- a Web browser with more exploitable vulnerabilities than its competition -- so here are a few other quick tips that may come in handy.

Block spam effectively in Outlook
Filtering and blocking spam is probably the single biggest step you can take in guarding Windows against phishing attacks. Spam is the delivery mechanism that gets the bait to your computer. If an attacker can't get his phishing message to your inbox, there is no chance your systems will be victimized. The latest version of Microsoft Outlook and many other e-mail client applications now have fairly good junk mail filters to keep the majority of spam out of your inbox. In Outlook, you can set the Junkmail options by navigating to Actions/Junk E-mail/J...

Guard your hosts file with an IPS
The hosts file in Windows maps network destinations or Web sites to IP addresses, and can be used to override DNS. Some phishing attacks actually rewrite the hosts file, so the next time users try to visit certain Web sites they are unwittingly visiting the malicious replica site. You should use an intrusion prevention system (IPS) or other security software to guard your hosts file, and periodically check the hosts file to look for any suspicious entries. You can open it in Notepad.

Strip out code in e-mail messages
Phishing scams rely almost exclusively on the ability to include and execute active-scripting code within an e-mail message. You can turn off this ability. To do so, go to Tools/Options/Security and then select Zone Settings. When the warning box pops up, click "ok" and select Custom Level to disable specific types of code from executing. You can also set Outlook to display all incoming e-mail as plain text only, which will prevent scripting code from being executed. Simply click Tools/Options/E-Mail Options and select the checkbox next to "Read all standard mail in plaint text".

About the author
Tony Bradley is a consultant and writer with a focus on network security, antivirus and incident response. He is the About.com Guide for Internet/Network Security, providing a broad range of security tips, advice, reviews and information. Tony also contributes frequently to other industry publications. For a complete list of his freelance contributions you can visit Essential Computer Security.

This tip orginally appeared on SearchWindowsSecurity.com.

Rate this Tip To rate tips, you must be a member of SearchSecurity.com. Register now to start rating these tips. Log in if you are already a member. BROWSE BY TAG Web Security Advisor,   Application and Platform Security,   Email Protection,   Email and Messaging Threats (spam, phishing, instant messaging),   VIEW ALL TAGS Digg This!     StumbleUpon     Del.icio.us    RELATED CONTENT Web Security Advisor DNS rebinding defenses still necessary, thanks to Web 2.0 New defenses for automated SQL injection attacks PCI compliance and Web applications: Code review or firewalls? Worst practices: Bad security incidents to avoid Web scanning and reporting best practices Social networking Web site threats manageable with good enterprise policy Enterprise security in 2008: Building trust into the application development process PCI DSS Section 6: A plan for tackling application security Making the case for Web application vulnerability scanners Preparing for uniform resource identifier (URI) exploits Email and Messaging Threats (spam, phishing, instant messaging) How to secure a .pdf file Top spammer gets four years in jail for stock fraud scheme New Zeus spam poses as Social Security statements Messaging security risks have upper hand on solutions Web-based attacks skyrocket, pirating sites surge, security firms say Pushdo botnet uses Facebook to spread malicious email attachment Scareware report highlights successful business model How to prevent phishing attacks with social engineering tests Phishing protection begins with training, antiphishing evangelist Phishing attacks to remain a major problem, say security experts Email and Messaging Threats (spam, phishing, instant messaging) Research RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary CAPTCHA  (SearchSecurity.com) crimeware  (SearchSecurity.com) Operation Phish Phry  (SearchSecurity.com) pharming  (SearchSecurity.com) phishing  (SearchSecurity.com) Register of Known Spam Operations  (SearchSecurity.com) Rock Phish  (SearchSecurity.com) Sender Policy Framework  (SearchSecurity.com) spam cocktail  (SearchSecurity.com) spear phishing  (SearchSecurity.com) RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.