CommandN the excellent Tech show mentioned spam this week (show #149) and also the comments were a good read also on their site. If you have not caught the show go watch asap. http://commandn.typepad.com/
I thought of the recent show whilst cleaning up and configuring some email accounts. There was an amazing amount of spam email and it can be a huge pain to many. Luckily with precautions and good filtering the pain can be reduced (I will cover that in another post sometime). I completely agree with CommandN’s views regarding spam, you can go check out the show and comments to find out what they were!
However lurking amongst the spam was the dreaded….phishing emails. Basically when someone wants to trick you into giving sensitive data, then to go and abuse your identity (identity theft) and usually try and steal money. http://en.wikipedia.org/wiki/Phishing
I am going to write about the most obvious phishing emails many people see. The ones pretending to be from your bank. However always follow the tips I mention regarding any email.
Recent bank phishing emails I have seen are for: Abbey National Bank Plc, Egg Bank, Halifax Bank Plc, HSBC Bank Plc, Lloyds TSB Online Banking, National Westminster Bank & Royal Bank of Scotland.
However you name the bank and I am sure there are phishing emails flying all over the place.
So what about the subject lines? Here are the recent ones I’ve seen:
Inportant Customer Service Message
Dear Customer: Account Alert !
Please Update Lloyds Tsb Internet Banking
[Spam] Your New Abbey Bank National
Lloyds TSB Security Precaution.
Lloyds TSB Security Update Message
Online Security Check
You Have One New Message
CUSTOMER SERVICE MESSAGE
Egg Bank Account Management Notification
Lloyds TSB Annual Security Update
Abbey Security Alert! You have (1) Urgent
YOU HAVE 1 NEW MESSAGE(SECURE)
SECURE YOUR ACCOUNT.
Important Information:Essential updates
Online Access Suspended
Royal Bank Of Scotland Customer Service
Alert : You have 1 new Security Message
Internet Online Account Upgrade 2008
Halifax Online Banking Alert : Important M
Important Update Concerning Your Online
Your Account Has Been Blocked – Restore
Update Your Account Security Please!!!
Lloyds Security: Secure Your Online Banking!
Internet Banking Alert
Funds Has Been Transferred To Your Account.
Periodic Account Updates
You get the point, emails not from the actual bank and from just trying to get you interested to being very concerned and tricked into opening the emails!
So the tips?
1) Setup a separate email account for your bank account and possibly for some other important services.
2) Use your email client to then filter all the emails to that email account to a separate folder in your email client. Emails going to any other folder supposedly from your bank should never be opened and deleted straight away.
3) Turn off the auto-preview pane on your email client. So you have to double click to read any emails.
4) Turn on your spam protection and make sure it is properly configured.
5) Go to your banks web site, read the material they sent you or give them a call to find out their email policy. Would they email their clients and under what circumstances?Then take this information into consideration when looking at your emails.
For instance my bank would just call me regarding an urgent matter or send a letter. Plus they have an online message service once I have passed all the security checks where they leave messages from time to time. They do have an email newsletter, but to be honest I don’t open it and just delete it!
In general also be aware of how you use your email addresses. If you don’t need to tell the online world your primary email address, then don’t. Have separate email addresses or contact forms setup for such communication purposes as you will eventually receive lots of spam and phishing emails.
Obviously these tips won’t 100% protect you, but taking precautions such as I mentioned should be taken.
I am sure there are other great tips to help protect you against phishing emails. Please leave a comment and don’t forget to add our RSS feed for this blog to your RSS feed reader or bookmark the site.