Keep attackers from phishing in your waters

Learn why phishing attacks continue to rise and three steps you can take to mitigate this risk.

Phishing is all the rage these days. And I don't mean the kind where you're relaxing on a boat with a worm dangling from a hook waiting for a large-mouth bass to happen by.

On the Internet, phishing (also known as carding or brand spoofing) is a scam used by an attacker who sits at a remote computer dangling a malicious Web site on spam e-mail waiting for a naive Internet user to happen by.

MessageLabs recorded a 1,000% increase in the number of phishing attacks they intercepted between June and July of 2004 and that number continued to grow, ending the year 50 times higher than the same period in 2003. Suffice it to say, phishing is a critical problem, particularly for users gullible enough to take the bait.

What can you do to protect Windows from being victimized by phishing scams? You've already had many experts tell you continually patch systems and get rid of Internet Explorer -- a Web browser with more exploitable vulnerabilities than its competition -- so here are a few other quick tips that may come in handy.

More Information

Visit our phishing resource center for news, tips and expert advice on how to reduce this risk.

Share this checklist with your users and teach them how to avoid phishing attacks.

Block spam effectively in Outlook
Filtering and blocking spam is probably the single biggest step you can take in guarding Windows against phishing attacks. Spam is the delivery mechanism that gets the bait to your computer. If an attacker can't get his phishing message to your inbox, there is no chance your systems will be victimized. The latest version of Microsoft Outlook and many other e-mail client applications now have fairly good junk mail filters to keep the majority of spam out of your inbox. In Outlook, you can set the Junkmail options by navigating to Actions/Junk E-mail/Junk E-Mail Options.

Guard your hosts file with an IPS
The hosts file in Windows maps network destinations or Web sites to IP addresses, and can be used to override DNS. Some phishing attacks actually rewrite the hosts file, so the next time users try to visit certain Web sites they are unwittingly visiting the malicious replica site. You should use an intrusion prevention system (IPS) or other security software to guard your hosts file, and periodically check the hosts file to look for any suspicious entries. You can open it in Notepad.

Strip out code in e-mail messages
Phishing scams rely almost exclusively on the ability to include and execute active-scripting code within an e-mail message. You can turn off this ability. To do so, go to Tools/Options/Security and then select Zone Settings. When the warning box pops up, click "ok" and select Custom Level to disable specific types of code from executing. You can also set Outlook to display all incoming e-mail as plain text only, which will prevent scripting code from being executed. Simply click Tools/Options/E-Mail Options and select the checkbox next to "Read all standard mail in plaint text".

About the author
Tony Bradley is a consultant and writer with a focus on network security, antivirus and incident response. He is the About.com Guide for Internet/Network Security, providing a broad range of security tips, advice, reviews and information. Tony also contributes frequently to other industry publications. For a complete list of his freelance contributions you can visit Essential Computer Security.

This tip orginally appeared on SearchWindowsSecurity.com.

This was first published in December 2005

Dig deeper on Email and Messaging Threats (spam, phishing, instant messaging)

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close