On March 28, 2007, spammers sent thousands of emails that appeared to come from US Bank. These emails were actually examples of "phishing," an attack designed to make you divulge sensitive informat...
On March 28, 2007, spammers sent thousands of emails that appeared to come from US Bank. These emails were actually examples of "phishing," an attack designed to make you divulge sensitive information. This vlog entry shows what telltale signs prove the email is not from US Bank and is, in fact, malicious.
Like to rate videos and let people know what you think?
Automatically share your ratings, favorites, and more on Facebook, Twitter, and Google Reader with YouTube Autoshare.
Autoshare makes certain YouTube activities public on the services you choose. Select only the services you are comfortable with - like Facebook, Twitter, or Google Reader - to let your friends know what you like on YouTube. You can turn Autoshare off at any time.
Like to share videos with friends?
Automatically share your ratings, favorites, and more on Facebook, Twitter, and Google Reader with YouTube Autoshare.
Autoshare makes certain YouTube activities public on the services you choose. Select only the services you are comfortable with - like Facebook, Twitter, or Google Reader - to let your friends know what you like on YouTube. You can turn Autoshare off at any time.
This video has been removed from your Favorites. (Undo)
Like to Favorite videos and let people know what you think?
Automatically share your ratings, favorites, and more on Facebook, Twitter, and Google Reader with YouTube Autoshare.
Autoshare makes certain YouTube activities public on the services you choose. Select only the services you are comfortable with - like Facebook, Twitter, or Google Reader - to let your friends know what you like on YouTube. You can turn Autoshare off at any time.
I disagree that because people continue to fall for it, it is not common knowledge. People continue to drive over train tracks when the light is blinking also and they continue to burn themselves on hot food. Both are "common knowledge". That does not mean no one ever does it....der.
I work in the fraud department of US Bank and all of the information provided in this video is excellent. Like he stated, banks generally don't send e-mails requesting account information, for security purposes. It's really quite pathetic how many people actually respond to phishing e-mails and texts like those mentioned in the video. Please people, don't be so fucking stupid.
lavagolemking is right about link-checking. You should never tell users to look at the source code when link-checking is the main reason for the status-bar's existence (even in email programs). Even popup windows now always appear with a status bar at the bottom (according to default settings).
Finally, going by the appearance of a URL on the rendered page is a big no-no. It could look perfectly normal there yet send you to a malicious site. Use hover & status bar instead!
Most users won't understand the HTML source, so you should have hovered over the link and emphasized the link target at the bottom.
You didn't explain what a drive-by download is. It means that some program (usually a virus) is automatically loaded when you open the page.
Not all browsers have phishing filters, and not all phishing sites will be detected, since they are based on a blacklist. That shouldn't be your only determination of legitimacy.
A few years ago, I got some phishing email disguised as eBay and paypal, both of which I use. What tipped me off was they asked for my social security, which obviously neither site needs.
Thanks for taking the time to teach us about these things! I knew enough NOT to click on a link in my email, but wanted to know more. You explained it very well. :)
It's interesting to see what these sites actually look like. But, really, the first tip is the only one you need. If you get an e-mail from your bank or any bank, it's fake unless you specifically requested it. And no bank will ask for you to reconfirm information online. They'd send you a letter and ask you to go to the branch, or phone you to request same. Sadly, the phishers wouldn';t go through the trouble if there weren't many people falling for this scam every day.
Autoshare makes certain YouTube activities public on the services you choose. Select only the services you are comfortable with - like Facebook, Twitter, or Google Reader - to let your friends know what you like on YouTube. You can turn Autoshare off at any time.
I disagree that because people continue to fall for it, it is not common knowledge. People continue to drive over train tracks when the light is blinking also and they continue to burn themselves on hot food. Both are "common knowledge". That does not mean no one ever does it....der.
Finally, going by the appearance of a URL on the rendered page is a big no-no. It could look perfectly normal there yet send you to a malicious site. Use hover & status bar instead!
2/5
Most users won't understand the HTML source, so you should have hovered over the link and emphasized the link target at the bottom.
You didn't explain what a drive-by download is. It means that some program (usually a virus) is automatically loaded when you open the page.
Not all browsers have phishing filters, and not all phishing sites will be detected, since they are based on a blacklist. That shouldn't be your only determination of legitimacy.
4/5