Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec

McAfee advice on staying safe from Phishing attacks.

McAfee : 22 February, 2008  (Technical Article)
Phishing campaign targets HMRC database data loss victims claiming the availability of tax refunds.
On 21st November 2007, Chancellor Alistair Darling announced that the HM Revenue and Customs had lost computer discs containing the confidential details of 25 million child benefit recipients, including bank and building society details, NI numbers, addresses and child records.

McAfee has now discovered a phishing attack that targets the victims of the HMRC data loss scandal by offering the recipient the opportunity to claim a tax refund of £215 from the Government. The email contains a web link to a suspect site.

"This phishing attack has echoes of traditional get rich quick scams, praying on the desire to be compensated for the Government losing their data, but people must learn that there really is no such thing as free money. Recent high profile data loss incidents have left the public more vigilant about handing over information that has any link to HMRC, so this may not be the most thoroughly considered phishing attack." said Greg Day, McAfee security analyst.

McAfee offers the following advice to consumers on how to spot a phishing attack:.

* Phishing scams use fraudulent emails and websites, to impersonate legitimate businesses, in hopes of getting you to disclose your personal information. Legitimate businesses will never send an e-mail asking a customer to update personal information.

* Don't enter your personal information onto a pop-up screen. Phishers may direct others to the website of a real organisations website, but then an unauthorised pop-up screen created by the scammer will appear, with blanks in which to provide your personal information. Install pop-up blocking software to help prevent this type of phishing attack.

* When providing your personal information to a business website, check for signs that the site is secure. A padlock icon on the browsers status bar or a URL for a website that begins with "https:" ( "s" indicates "secure"). However, be aware that these signs are not 100% foolproof, since even security icons might be forged.

* Know where you're going online. Security technology such as McAfee SiteAdvisor warns of risky sites that might have a virus or spyware before you click on them. SiteAdvisor adds intuitive red, yellow, or green ratings to sites and search results based on proprietary tests of more than 95% of traffic on the Internet.

* Install comprehensive security software, and keep it up to date. Some emails contain software that can damage your computer or track your Internet activities, without your knowledge. Both anti-virus software and a firewall will protect you from inadvertently accepting such unwanted files.

* Never cut and paste the link from a message into your Internet browser. Phishers can make links seem as if they're going to a legit place when they're not. Open a new Internet browser and type in the company's correct Web address manually.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo