Hands off

This month Windows Middle East turns you into a phishing expert to help you safeguard your hard-earned green from online thieves.

  • E-Mail
By  Cleona Godinho Published  April 5, 2008

3. The lock icon

If you're at a secure website, you should see a closed padlock icon on the lower right corner of the browser window. The closed lock signifies that the website applies encryption to its personal and financial data.

If you click on it, it will open a window that gives you more details regarding the security certificate. Every company that asks you for sensitive information must have a digital certificate, preferably one from an established certificate authority such as Thawte, Digicert or VeriSign.

Note that many phishers place a fake closed padlock icon on the webpage itself to trick you into thinking the page has a valid certificate.

Take the test

Now that you know what to look for in a potential phishing e-mail or website, the next step is to test your skills. Point your browser to www.sonicwall.com/phishing and take the Phishing IQ test.

This rates how good you are at distinguishing real e-mails from ‘phishy' ones. Once you've completed the test, the site will provide a post-mortem of each e-mail and explains why that particular message was legitimate or not. Try it out and let us know your scores by e-mailing us at windows@itp.com.

Background burglars

As mentioned previously, aside from using e-mails and spoof sites to ‘phish' out sensitive information, some hackers are now phishing using reputable sites. How is this possible?

Con Mallon, Symantec's EMEA product marketing director explains, "Hackers are now using well-known and reputable sites to launch attacks. There's actually a Russian-developed toolkit that lets you hack into a website and place malware in the site's code.

Therefore, as the user loads a certain webpage, there's a tiny piece of hacker code that is read by your browser.

Once this occurs, your browser is forced to connect to a remote server and then begins downloading malware onto your PC in the background. This malware can be in the form of spyware or key-logging software, which is designed to steal your personal and financial details.


According to security firm Sophos, there are whopping 9500 new infected web pages every single day. Shocking, we know. So how exactly do you protect yourself? It's simple; make sure you install anti-virus software from a reputable firm such as McAfee, Symantec or NOD32, and update its security definitions regularly.

Surf smart

Top five phishing tips every netizen should know...

1. Always verify you're at the right website before entering information

2. Visit websites by typing the URL directly into the address bar

3. Regularly visit Antiphishing.org for news and updates on phishing scams and new techniques.

4. If you feel you've been a victim of a phishing scam, you should immediately report the scam to the company that's being spoofed. If you're unsure how to contact the company, visit its website to get the correct contact info.

5. Regularly check your bank and credit card statements to check that all transactions are legitimate. If you notice anything suspicious, contact your bank immediately.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code