Peter Cochrane's Blog: Phishing tackled

One lapse and you've swallowed the phisher's bait - hook, line and sinker...

Written in a hotel in Charlotte, North Carolina, and dispatched to silicon.com over a London 3G network.

No matter how tech-savvy, aware and cautious we are, all can be undone by tiredness.

A good friend of mine was recently the victim of a phishing attack. It was made all the worse because he succumbed despite his ability, years of experience and his standing in the tech community.

I first became aware of the problem when I received a begging email from him. Flat broke and in financial difficulty, he was asking for money. The email might as well have said the sun was going to fall out of the sky.

Almost immediately, people emailed him warnings to another account, and he quickly discovered his main email account had been hacked and he could no longer log on.

A frantic day followed. No real damage was done, but he wasted time putting things right and his pride was hurt. We were all sympathetic - it could happen to anyone.

Yet how did it happen? My friend was on the road and staying in a hotel. It had been a long day and he was tired, and he just clicked away in error. It was as simple as that.

What can we do to defend ourselves? There is a lot of free security advice on the web, including recommended software applications and services. However, security is always relative and never absolute. Everything has shortcomings and nothing is 100 per cent foolproof.

So here are some extra measures you can employ against such attacks. These measures yield useful information and insights.

Step 1
Look carefully at the source email or website address to see if it appears genuine. If it does not, or you are in any doubt whatsoever, then employ a network utility to look it up:

  1. Ping: cannot resolve www.stringarihyles@aol.com: Unknown host
  2. Who is: No match for "HTTP://WWW.STRINGARIHYLES@AOL.COM"
  3. Look Up: Multiline +nocomments +nocmd
  4. Trace Route: Unknown host www.stringarihyles@aol.com

The example above relates to an email and website of dubious provenance, and I certainly would not be tempted to click through to it or give any information. In contrast, the one below is 100 per cent genuine and I would be happy to give a limited amount of data:

  1. Ping: 64 bytes from 64.30.XXX: icmp_seq=1 ttl=240 time=182.450 ms
  2. Who is: connect():www.google.com.com
  3. Look Up: www.google.cbsi.com cname +multiline +nocomments +nocmd
  4. Trace Route: phx1-ss-2-lb.cnet.com (64.30.224.112), 64hops, 52 bytes
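
The look-up in Step 1 only tells you something when it is run against the host part of the address, so this added example (not part of the original post) pulls the host out of a pasted email address or URL before resolving it. The names `extract_host`, `check_address`, `constructed_resolve` and the offline `CONSTRUCTED_DNS` table with its 192.0.2.10 address are assumptions made for illustration.

```python
import socket
from urllib.parse import urlsplit

# Constructed lookup table standing in for DNS so the example runs offline.
CONSTRUCTED_DNS = {"aol.com": ["192.0.2.10"]}

def constructed_resolve(host):
    """Offline stand-in for socket.getaddrinfo (hypothetical helper)."""
    if host not in CONSTRUCTED_DNS:
        raise socket.gaierror("unknown host")
    return [(socket.AF_INET, socket.SOCK_STREAM, 6, "", (ip, 0))
            for ip in CONSTRUCTED_DNS[host]]

def live_resolve(host):
    """Real DNS lookup, used when no resolver is passed in."""
    return socket.getaddrinfo(host, None)

def extract_host(address):
    """Return (host, notes) for an email address or URL copied from a message."""
    text, notes = address.strip(), []
    if "://" in text:
        parts = urlsplit(text)
        host = parts.hostname or ""
        if parts.username is not None:
            notes.append("text before '@' in a URL is userinfo, not the site")
    elif "@" in text:
        host = text.rsplit("@", 1)[1].lower()
        notes.append("email address: look up the domain after '@'")
    else:
        host = urlsplit("//" + text).hostname or ""
    return host, notes

def check_address(address, resolve=live_resolve):
    """Extract the host, resolve it, and collect reasons for suspicion."""
    host, notes = extract_host(address)
    try:
        addrs = sorted({info[4][0] for info in resolve(host)}) if host else []
    except (OSError, UnicodeError):
        addrs = []
    if not addrs:
        notes.append("host does not resolve: treat the message as suspect")
    return {"host": host, "addresses": addrs, "notes": notes}

if __name__ == "__main__":
    for sample in ("www.stringarihyles@aol.com",
                   "HTTP://WWW.STRINGARIHYLES@AOL.COM",
                   "http://login.example.invalid/reset"):  # last one is constructed
        print(sample, "->", check_address(sample, resolve=constructed_resolve))
```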

Step 2
Keep wide awake, stay alert and immediately report suspicious emails and websites to your ISP. If only everyone did this, the problem would be significantly diminished.

In all forms of criminal activity and vandalism in the real and virtual worlds, we are the biggest threat. By not remaining vigilant, by not reporting what we see and experience, we leave the door open for more attacks.

About

Peter Cochrane is an engineer, scientist, entrepreneur, futurist and consultant. He is the former CTO and head of research at BT, with a career in telecoms and IT spanning more than 40 years.
