National Webcast Initiative

Phishing

Thursday, October 9, 2008

Questions and Answers Transcript

The following is a compilation of questions submitted to the presenters through the written
Q and A tool during the webcast. The transcript has been edited for relevance.

 

Question: Should I ignore emails from the IRS?
Answer: Yes - the IRS does not send emails to taxpayers.
***************************************

Question: Can phishing scams come via Instant Messaging?
Answer: Yes - messages may seem like they are coming from people you know.

***************************************
Question: How can my computer be compromised by just clicking on a link?
Answer: Your computer could become infected with malware or your password could be stolen by simply clicking on a link.

***************************************
Question: Can't bogus links be identified in the lower part of most web browsers by hovering over a suspected link?
Answer: That is true but that data can be altered to say whatever the phisher wants.

***************************************
Question: If there are multiple verified Phishing sites, why aren't they shut down?
Answer: Phishing sites are always being shut-down. Sometimes they are part of a fast moving botnet and new sites come online as quickly as you shut them down.

***************************************
Question: How does reading emails in plain text help in identifying phishing emails?
Answer: You can see links in plain text so they can't be hidden or misleading.

***************************************
Question: Many people use online services to pay bills and make purchases. How do you know if these sites are safe?
Answer: Make sure it's a site that you trust, the site uses SSL and that the SSL certificate is valid.

***************************************
Question: What is a botnet?
Answer: Networks of compromised computers -robots- used to perpetrate eFraud and eCrime.

***************************************
Question: How can I tell if an email address is spoofed?
Answer: Sometimes it can be determined by looking at the email headers.

***************************************
Question: How can you tell if your cell phone has been infected with malware?
Answer: Bring it to your cell phone provider and ask them to check it.

***************************************
Question: What is SSL?
Answer: SSL are cryptographic protocols that provide secure communications on the Internet. For example, web browsing, email, internet faxing, instant messaging and other data transfers.

***************************************
Question: Is a router an effective firewall?
Answer: Router is not a firewall. If you are behind a router, you should still run at least a host-based firewall to protect your system.

***************************************
Question: Is phishing against the law? If so, how are they prosecuted?
Answer: Yes, it is a criminal offense. Prosecution is up to law enforcement.

***************************************
Question: How do you detect malware?
Answer: Detection of malware can be achieved by running anti-virus programs on the suspected systems. However, those programs will only catch what has already been seen. Additionally, any anomalies on the systems should be investigated. For example, if your system suddenly restarts or starts running slowly or pop-up windows show up.

***************************************
Question: If my identity is stolen, can I obtain a new Social Security number?
Answer: Contact the Social Security Administration.

***************************************
Question: There are times when I'm on a legitimate page and an advertisement box pops up. I've been told if you click on the closure box, they can still get your URL address. Is this so?
Answer: If you get a pop-up you should click the X instead of the "close" button. The best protection is to use a pop-up blocker.

***************************************
Question: I opened a greeting card e-mail and the computer re-started and then I received a warning indicating that spyware had been added to my computer. I advised my home office and after some investigation they have advised me that I can continue to use my computer, however I have real concerns since I have access to not only my own social security information but other social security information for employees within my office. Computer continues to indicate that the spyware is active. What should I do?
Answer: Your IT department should investigate further to identify the source of the spyware message and reasons for it.

***************************************
Question: Would you recommend sender address verification email protection solutions such as Sendio?
Answer: Sender address verification is a good idea but it does not completely protect you from phishing attacks.

***************************************
Question: Since the online tax preparation sites can be fake, how do I ensure that the site I want to use is authentic?
Answer: You have to make sure that you type the URL correct and that the site is using a signed and legitimate SSL certificate.

***************************************
Question: How legitimate are those freecreditreport.com web sites?
Answer: There is a government site www.ftc.gov that has information on free credit reports.

***************************************
Question: If your ISP provider says they provide a firewall, is that enough for protection or should you get your own firewall?
Answer: It is always good to run a host-based firewall in addition to what is provided to you by your ISP.

***************************************
Question: How do you check to see if your firewall is on at home and at work?
Answer: It will depend on your operating system but in Windows, you can open the security center to see the status of the firewall.

***************************************
Question: Is there a safer OS then others? Linux, Windows, Mac, BSD?
Answer: No - they are all vulnerable although attacks seem to target the more popular OS's.

***************************************
Question: Given the recent widespread DNS vulnerability, do you recommend home users to direct their DNS queries to OpenDNS?
Answer: Pointing your DNS to a known secure DNS server is definitley a good idea.

***************************************
Question: Would you recommend state and local governments not offer online employee directories to avoid accessing email information?
Answer: This is something that should be decided by your state local government Information Security Officer. Risk analysis should be performed on a case-by-case basis to determine if it is important to post that information or not.

***************************************
Question: What about posting an email address on a job search sites?
Answer: It is a risk analysis issue and it is up to you to make that determination.

***************************************
Question: How do you turn on the firewall? Doesn't it come with software on the computer?
Answer: Most recent Windows and MAC computers will automatically come with a firewall and it will be enabled. In windows, you can enable your firewall by going to firewall setting in the control panel.