Jul 3, 2007

Phishing 101

I had an interesting thing happen today that never happened before. I was doing some reading on some blogs and got a "phishing alert" from Windows and had no clue, so I am sharing with you what I learned today.
Q.
What is phishing?
A.
Online phishing (pronounced "fishing") is a method of identity theft that tricks you into revealing personal or financial information online. Phishers use phony Web sites or deceptive e-mail messages that mimic trusted businesses and brands in order to steal personally identifiable information such as usernames, passwords, credit card numbers, and Social Security numbers.
Q.
What is the Microsoft Phishing Filter and how does it help protect me?
A.
The Microsoft Phishing Filter is a feature of both Windows Internet Explorer 7 and, as part of Windows Live OneCare Advisor, Windows Live Toolbar. It is designed to help protect you from fraudulent Web sites trying to steal your personal information. Phishing Filter helps to protect you in two key ways.
First, it operates in the background as you browse the Web, analyzing Web pages and determining if they have any characteristics that might be suspicious. If it finds suspicious Web pages, it will show a yellow warning, advising you to proceed with caution.
Second, Phishing Filter checks the sites you visit against an up-to-the-hour, dynamic list of reported phishing sites. If it finds a match, Phishing Filter will show you a red warning notifying you that the site has been blocked for your safety. For more information on the Phishing Filter Client in MSN Premium Client, please view the product help in MSN Premium Client.
Q.
Is Phishing Filter turned on when I first install Windows Internet Explorer 7 and Windows Live Toolbar?
A.
No. Phishing Filter is an optional feature you must turn on to use. This can be done when you install Internet Explorer 7 or when you begin to use the browser. The first time you use Internet Explorer 7, you will be asked whether you want Phishing Filter to check Web sites automatically. If you choose to turn on Phishing Filter, it will ask your permission to check and in some cases send certain Web site addresses to Microsoft to be checked against a frequently updated list of reported phishing sites and will alert you about suspicious or reported phishing Web sites. If you choose not to check Web sites automatically, Phishing Filter will display an icon on the Internet Explorer status bar that you can use to check Web sites on a case-by-case basis. To check a Web site, click the icon, and then click Check this Website. You can also check any Web site from Internet Explorer 7 by clicking Tools, selecting Phishing Filter, and then clicking Check This Website. Phishing Filter is part of the Windows Live OneCare Advisor in Windows Live Toolbar. To turn it on, click the OneCare Advisor button and then select Turn on Phishing Filter. You can also choose to turn on Phishing Filter to check individual Web sites in both Internet Explorer 7 and Windows Live Toolbar. For more information on the Phishing Filter Client in MSN Premium Client, please view the product help in MSN Premium Client.
Q.
What does it mean when a Web site is flagged yellow and "suspicious"?
A.
A suspicious Web site has some of the typical characteristics of phishing Web sites, but it is not on the list of reported phishing Web sites. The Web site might be legitimate, but you should be cautious about entering any personal or financial information unless you are certain that the site is trustworthy.
Q.
What does it mean when a Web site is blocked and flagged in red as a reported phishing Web site?
A.
A reported phishing Web site has been confirmed by reputable sources as fraudulent and has been reported to Microsoft. We recommend you do not give any information to such Web sites.
Q.
What information does Phishing Filter send to Microsoft?
A.
Phishing Filter uses an SSL Web connection to send Web site addresses to Microsoft. For more information about what data is sent and how it is used, see the Internet Explorer Privacy Statement or for Windows Live Toolbar, see the Microsoft Online Privacy Statement.
Q.
One of the sites I visit is being flagged by Phishing Filter, but it's not a phishing Web site. What can I do?
A.
From the warning, you can choose to report this site as a safe site. Choose I don’t think this is a phishing Website. Follow the instructions on the feedback site to complete this process.
Q.
If I find a Web site I think is phishing, how do I report it?
A.
To report a phishing Web site using Windows Internet Explorer 7, go to the Tools menu, select Phishing Filter, and then click Report This Website. To report a phishing Web site from the Windows Live Toolbar, click the OneCare Advisor button on the toolbar and in the dialog box that appears, click Report this website as phish. For more information on the Phishing Filter Client in MSN Premium Client, please view the product help in MSN Premium Client.
Q.
How are false warnings or blocks prevented?
A.
Our goal is to minimize false warnings or blocks. Phishing Filter only blocks sites that have been verified as phishing sites by our graders (phishing escalation reviewers) or by our third-party data providers. Phishing Filter also offers a Web-based feedback system to help users and Web site owners report any errors as quickly as possible. These reports are verified by our graders and mistakes are corrected.
Q.
If I am a Web site owner, how do I correct a warning or a block on my legitimate site?
A.
You can immediately submit a request for a correction. Microsoft Phishing Filter has a built-in, Web-based feedback system in place to help customers and Web site owners report any potential false warnings or blocks as quickly as possible. In Windows Internet Explorer 7 or Windows Live Toolbar, from a yellow warning, click Report this site as safe or from a red warning, click Report that this is not a phishing website. This will take you to a feedback page where you can indicate you are a site owner or representative. Follow the instructions and provide the information on this site to submit a site for review. Once a dispute is submitted, a team of graders inspects the site in question. All disputes should be submitted through the Web site reporting process to ensure the quickest resolution.
Q.
How do I turn off Phishing Filter?
A.
In Windows Internet Explorer 7, go to the Tools menu, select Phishing Filter, and then click Phishing Filter Settings. In the dialog box that appears, under Phishing Filter, select Disable Phishing Filter. In Windows Live Toolbar, go to the toolbar menu and click Toolbar Options… Click OneCare Advisor in the list on the left and then clear the Turn on Microsoft Phishing Filter box. For more information on the Phishing Filter Client in MSN Premium Client, please view the product help in MSN Premium Client.
Q.
What can I do to help protect myself from online phishing?
A.
Be defensive with your personal information.
Be cautious about providing sensitive data in an e-mail message, instant message, or pop-up window.
Be wary of clicking links in e-mail messages and instant messages.
Go to Web sites that provide privacy statements or information on how they help protect your personal information.
Q.
What should I do if I think I've entered my personal or financial information into a phishing Web site?
A.
Immediately do the following:
Change the passwords or PINs on all your online accounts.
Place a fraud alert on your credit reports. Check with your bank or financial advisor if you're not sure how to do this.
Contact your banks and online merchants directly. Do not follow links in fraudulent e-mail messages.
Close any accounts that have been fraudulently accessed or opened.
Q.
What should I do if I discover that I've been a victim of fraud?
A.
Immediately do the following:
File a report with the local police.
Place a fraud alert on your credit reports. Check with your bank or financial advisor if you're not sure how to do this.
Change the passwords or PINs on all your online accounts.
Contact your banks and online merchants directly. Do not follow links in fraudulent e-mail messages.
Close any accounts that have been fraudulently accessed or opened.
Q.
If I am a Web site owner, what can I do to help minimize the chance of my Web site being flagged by Phishing Filter?
A.
There are several things you can do that can help minimize the chance of your site being flagged as suspicious. Think of these as best practices or optimal Web site design ethics.
Use secure sockets layer (SSL) certification with a current server certificate issued by a trusted certification authority if you ask users for personal information.
Make sure that your Web page doesn't expose any cross-site scripting (XSS) vulnerabilities. Protect your site by using anti-cross-site scripting attack tools.
Use the fully-qualified domain name. URLs should point to actual domain names, not numeric IP addresses. This means a URL should look like “microsoft.com” and not “207.46.19.30.”
Avoid using the @ symbol before the fully-qualified domain name in your URL. The @ symbol enables phishers to concoct deceptive URLs and is therefore immediately suspicious to Phishing Filter.
Don't encode or tunnel your URLs unnecessarily. If you don't know what this means, you probably aren't doing it.
If you post external or third-party hosted content, make sure that the content is secure and from a known and trusted source.
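The URL-shape rules in the list above (no numeric IP host, no @ in the authority part, no needless encoding) turned into a small checker. This is an added illustration written for this post, not the Phishing Filter's own logic; the signal names and the sample URLs are constructed.

```python
import ipaddress
import re
from urllib.parse import urlsplit

PCT = re.compile(r"%[0-9A-Fa-f]{2}")  # one percent-encoded byte


def suspicious_url_signals(url: str) -> list:
    """Return the heuristic signals that fire for a URL (empty list = nothing odd).

    Hypothetical checker: each signal is one of the site-owner rules above,
    so a URL that trips none of them matches the FAQ's advice.
    """
    if "://" not in url:
        url = "http://" + url  # a bare host was pasted; assume http
    parts = urlsplit(url)
    host = parts.hostname or ""  # already lowercased, no port, no userinfo
    signals = []

    # Everything before '@' is userinfo, so "bank.example@203.0.113.5"
    # is a request to 203.0.113.5 that a reader may take for bank.example.
    if "@" in parts.netloc:
        signals.append("userinfo_at_sign")

    # A numeric IP (v4 or v6) instead of a fully-qualified domain name.
    try:
        ipaddress.ip_address(host)
        signals.append("numeric_ip_host")
    except ValueError:
        pass

    # Percent-encoding in the host name, or a lot of it in path/query,
    # hides the real destination from a human reader.
    if PCT.search(host):
        signals.append("encoded_host")
    if len(PCT.findall(parts.path + "?" + parts.query)) >= 4:
        signals.append("heavy_percent_encoding")
    return signals


def classify(url: str) -> str:
    """Coarse verdict for one URL: 'ok' or 'suspicious'."""
    return "suspicious" if suspicious_url_signals(url) else "ok"


if __name__ == "__main__":
    for u in ("https://www.microsoft.com/", "http://207.46.19.30/",
              "http://www.bank.example@203.0.113.5/login"):
        print(classify(u), u, suspicious_url_signals(u))
```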
Q.
If I am a system administrator, how do I control the Phishing Filter in Internet Explorer 7? Is it configurable with group policies?
A.
In Internet Explorer 7 (IE7), the Phishing Filter feature is fully controllable as part of the group policy support and using Internet Explorer 7 security zone settings. You can ask Phishing Filter not to check sites in the trusted zone. By default, Phishing Filter in IE7 does check these sites, but you can turn checking off for this zone. You can then add your own custom list of sites to the trusted zone for your enterprise, including sites a company has decided are “safe” or “trusted.” These sites are trusted locally by the Phishing Filter and are never checked automatically.
Q.
Can I customize a list of trusted sites for Phishing Filter in Internet Explorer 7?
A.
As an Enterprise administrator or an individual user, you can add your own list of trusted sites for your company or yourself and then turn Phishing Filter off for the Trusted Sites zone.
From the Internet Explorer Tools menu, click Internet Options.
In the Internet Options dialog box, click the Security tab.
Click the Trusted sites icon, and then click the Sites button.
In the Trusted sites dialog box, enter the Web site URL in the Add this Web site to the zone box, and then click Add. Close the box.
Click Custom level... and select Disable under Use Phishing Filter. You may have to scroll through several items.
Click OK.