Like we really needed this.

Hacker’s Blog

January 23, 2006

Phishing Prevention for Dummies

Filed under: Security — Hacker @ 7:42 pm

It seems that too many online institutions still don’t get the phishing threat. Take a look at this email from an ISP that puts more bait on phishers’ hooks than cutting of phishing lines.

Dear ISP Subscriber,

ISP is committed to providing you with a safe and secure
online experience — and we’d like to share some important
information to help you avoid online scams and safeguard your
computer from viruses, spyware, and other security threats.

********************************
PROTECT YOURSELF WITH THESE TIPS
********************************
1. Be wary of opening email from people you don’t know. Even
if you know the sender, use caution before opening a message
with a strange subject line or an unexpected attachment.

Hmmm. Do I know you “Support”?

2. Choose your passwords carefully and keep them safe. For tips
on creating secure passwords, please visit:
http://www.ISP.net/password

Gee, that link looks safe. It’s always good to prime the clicking finger with good links first.

3. Never email your password, or sensitive personal information,
such as your credit card number, Social Security number, secret
word, or PIN.

More thoughtful good advice. This has got to be real.

4. Never click on a link in an email that asks you to submit
sensitive information, as the link can redirect you to a
fraudulent Web site designed to steal that information. To
ensure that a site is legitimate, always type the Web address
into your browser.

Gosh darn it, if that ain’t the pig’s potato I don’t know my cow pie’s from my Aunt Lucille’s mincemeat.

************************************************
INSTALL FREE ISP PROTECTION CONTROL CENTER
************************************************
The ISP Protection Control Center is your one,
easy-to-use program that provides everything you need to stay
safe online, including:

*Single scan for spyware and viruses

*AntiVirus and Firewall software with automatic updates to
ensure you’re protected against the latest online threats

*Spyware Blocker — detects and disables invasive programs that
secretly install themselves on your computer and track your
online activities

*ISP Toolbar — sits above your Web browser and includes
our exclusive Pop-Up Blocker and ScamBlocker, which prevents you
from visiting Web sites that are on our “scam list”

The Protection Control Center is available through our FREE
TotalAccess software. If you have not installed TotalAccess, you
can download the software or order a free CD copy at:
http://www.ISP.net/home/software

Gee, what great software. I should get that installed right away. Let me click on that link, which must be good since this whole message seems as caring and honest as ol’ Preacher Morganstern and if that dear man were still alive would probably be in the sermon this Sunday. Halleluhah.

Once you’ve installed TotalAccess, or if you already have the
software, you may need to run the Update Service to install
the ISP Protection Control Center. On the TotalAccess
Task Panel, just click on “Toolbox,” then “Check for Updates.”

Yessirree. I want every piece of software I own to automagically go out and patch itself without me knowing a damn thing about how it works or if it is secure.

******************************
VISIT THE MYSECURITY WEB PAGE
******************************
The mySecurity Web page has all the information you need to
protect your PC and your privacy online:
http://www.ISP.net/mysecurity

**********
NEED HELP?
**********
If you have questions, you can trade real-time messages with a
friendly Live Chat representative:
http://support.ISP.net/chat

We look forward to providing you with a safe and enjoyable
online experience for years to come.

Sincerely,

ISP Support

************************************************************
This is an Administrative Message from ISP. It is
not spam. From time to time, ISP will send you such
messages in order to communicate important information about
your subscription.
************************************************************

If the sarcasm didn’t come through clear enough, I’ll try a favored method from the 419’ers:

DEAR .COM

YOU MAY BE SUPRISED TO LEARN THAT SENDING YOUR USERS EMAIL ANY WITH CLICKABLE LINKS IS JUST TRAINING THEM TO FALL FOR PHISHING. I SHARE THIS WITH YOU BECAUSE I TRUST YOU’RE A LITTLE BIT SMARTER THAN THE PHISHERS AND MIGHT WISE UP BEFORE THEY START SENDING EMAIL THAT LOOKS JUST LIKE THIS. PLEASE AT LEAST ENCOURAGE THE USE HTTPS.

• • •
 

No Comments

No comments yet.

RSS feed for comments on this post.

Sorry, the comment form is closed at this time.

Like we really needed this.