Network management tool vs. phishing

Source: TechTarget

For people who send spam and use e-mails to defraud their personal information, the Internet is now their arena. The method for sending spam is called "phishing ", these frauds are generally targeted at banks, online house auction websites, credit card companies, and other industries.

Almost everyone has received such emails and has been cheated for a while or for a long time. These emails seem to come from a legitimate organization, such as the eBay website, contains eBay trademark images and copies eBay's default Email links and buttons of the same shape, but contains a link-based activity bar that will take you to a forged website, once you enter this website, your Email address is verified, so that you will become the target of future fraud.

In typical cases, these frauds will send you notifications on important issues and provide you with a link so that you can follow the instructions to solve the problem. Of course, once you get there, you will be asked to log on. Once they get your login information, or even worse, they get your identity information (such as social insurance accounts) or ask the answer (for example, your mother's name before marriage, your pet name, and so on), they can steal funds from your credit card. The key to identifying this type of E-mail attacks is to identify the real URL address of the link site and identify the real email address of the sender.

For most network administrators, This is a trivial task, but make sure that all users on the network know this very well.

Move your mouse over the link and check its real Url address. Be careful when entering each URL address, especially those containing a reference script (such as CGI, except for those domain names that have been confirmed to be reliable, other domain names should be rejected because these websites may be fraudulent websites, to hide its real address, they may show you the address "http://ebay.com: 169.43.25.107: 8080", which is not directed to the eBay site, but to the server where the address is, it uses port 8080 (the port is the local port of the Microsoft ISA Server). a cgi script can also be used to implement many spoofing methods, such as displaying a website that is currently correct, then, we switched to a fraudulent website to obtain user information.

At the same time, you should also check the title of all suspicious emails. Many E-mail clients hide the information header so that you will not see a lot of useless information when reading the mail information. You need to enable the "title browsing" function. For Microsoft Outlook or Outlook Express, you can select the "attribute" command under the "file" menu after opening the file, view this email
Item title. In Eudora, you can click "Blah" when displaying the email.

However, when you find the title, you should carefully check the sender's information. A truly professional spam sender or scam expert will execute an email reply, the reply address is forwarded to another server in another domain and forwarded through this server. Therefore, do not just view the "sender" line, it also depends on whether the email sent from the sender is based on the information it receives. There are a lot of guidance on this topic on the Internet, and there are some methods for putting them into the blacklist, one of which is: html "> http://www.panix.com/e-spam.html