Hands off

This month Windows Middle East turns you into a phishing expert to help you safeguard your hard-earned green from online thieves.

  • E-Mail
By  Cleona Godinho Published  April 5, 2008

This month Windows Middle East turns you into a phishing expert to help you safeguard your hard-earned green from online thieves.

According to research firm Gartner, approximately 3.6 million people lost money to cleverly crafted phishing e-mails and spoof sites in 2007, in contrast to 2.3 million in 2006.

In the USA, it's estimated that a whopping 3.2 billion dollars was stolen in phishing scams in 2007. Now that's a lot of money.

Hacking at home

So what's happening here at home? In July of last year, the RSA Anti-Fraud Command Center of the RSA, the security division of EMC, reported that customers of many Saudi Arabia and Dubai-based banks, along with financial services firms, were being targeted by phishers.

According to a Gulf News report, in July 2007 Dubai-based Anees Mohammed received an e-mail, supposedly from National Bank of Abu Dhabi (NBAD), the UAE's largest bank. However, Mohammed soon realised it was a phishing e-mail. The big clue?

He didn't even have an account with the bank! Apart from NBAD, Citibank and Commercial Bank of Kuwait are also current known phishing targets.

In June, officials from regional auction website Souq.com had posted a message on the site's public forum stating, "Some of our users are getting e-mail messages asking them to click on a link provided in the e-mail to activate their Souq accounts. The link takes you to what appears to be a Souq.com login page. This is a fake page and has nothing to do with Souq.com.

Lost in translation

Recently, the editor of Windows Middle East Arabic, Samer Batter received a phishing e-mail in Arabic. Phishing in non-English languages isn't new, but the intriguing part was its translation.

According to Batter, the e-mail didn't make any sense, and was most likely the product of an online translation service such as Word Lingo or Babelfish.

Lance Spitzner, founder of the Honeynet Project - a global security research institute - reckons attacks on Arabic-speaking users will only increase.

On his blog he states, "As the bad guys begin to exhaust the English speaking populations, I'm sure they will start targeting emerging regions such as the Middle East. I'm quite sure over time they will polish and improve their attacks on the Arab community, just as we have seen here in the West."

Don't get hooked

Now considering the huge number of websites you might visit everyday, both regional and international, it's crucial that you recognise a phishing scam when you
see one.

To help you hook those cunning phishers before they hook you, read on and take notes. What you learn here could save you a fortune!

Back to basics

For those of you that are new the world of phishing, the term refers to a method of data theft, usually involving spoof websites and e-mail messages, the aim of which is to make you believe you're giving personal or financial info to a trusted source.

When the reality is you're basically placing your details and data in the hands of a thief.

Once they gain access, they can potentially use your personal details to commit identity theft, charge your credit cards, empty your bank accounts, read your e-mail and much more.

In the last year however, hackers have formulated a new, creative way to steal personal and financial data, namely by using reputable sites.

5 ways to recognise a phishing e-mail

1. The ‘From:' address

Most phishing e-mails include a legitimate looking e-mail address to make it appear that the message is coming from your bank or an online service. However, these can very easily be forged. So, if you spot one or more of the remaining clues here then it's likely the 'From:' e-mail address is a spoof.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code