How to Protect Yourself from Phishing Attacks

by on 03/02/2010 in Scams & Hoaxes, Security, Security Info & Tips

Phishing attacks continue to grow at a rapid rate and are used mainly for identity fraud. Unfortunately these attacks are a lot easier to carry out.

TrendLabs report that a new tool by the name “Super Phisher” has been detected:

Super Phisher

The tool creates all the files necessary for the Phishing page such as an .HTML file that contains the actual page, and a .PHP file, which steals information and saves the stolen data to a .TXT file. In the screenshot below, note how the HTML page’s code refers to the local .PHP file and not the legitimate site (in this case, Yahoo!).

How to detect a Phishing site? Many of these sites look exactly the same as the legitimate site. What you need to check is the URL. This tool can’t hide the fact that the site is hosted on an URL that doesn’t seem quite right.

Always check the URL. If it looks suspicious, it’s better not to click on the link or – if you already did that – to just close the page.

Trend Micro™ Smart Protection Network™ detects Malware such as HKTL_SUPERPHISER using the file reputation service and protects users from accessing malicious sites via the Web reputation service.

If you want more protection, try downloading the WOT (Web of Trust) add-on for Firefox and IE. To learn more about WOT, please visit mywot.com.

6 Responses to “How to Protect Yourself from Phishing Attacks”

  1. Andrew@BloggingGuide

    Mar 2nd, 2010

    I’ve heard about phishing attacks but I didn’t really know about the URL! At least now I know, thanks to you.

    • Frank Jovine

      Mar 3rd, 2010

      Andrew,

      There’s many ways to prevent being attacked, but the best way is common sense.

  2. Full Time Dedicated PHP Developer

    Mar 4th, 2010

    Hey I heard about htis but dint know what exactly this is…Thanks to you know that you not only clear wht it is but also that how to take care of it…

  3. Omaha Homes

    Mar 6th, 2010

    I always receive this kinds of phishing email to m inbox. Sometime many try to phis even the Paypal links too.

    Thanks for sharing this article.

  4. scott

    Mar 6th, 2010

    As has been said, the main defence is common sense, just think before you click and ill in information, people get into data entry mode when on pc’s and tend to give away far too much information.

  5. Chicago Printing

    Mar 14th, 2010

    This news is scary specially I have a paypal account. I would like to have software to prevent this phishing activity. Thanks for the info, I really appreciate it.