Talk:Phishing


Phishing is a featured article; it (or a previous version of it) has been identified as one of the best articles produced by the Wikipedia community. If you can update or improve it, please do.


This article has been selected for Version 0.5 and the next release version of Wikipedia. This Engtech article has been rated FA-Class on the assessment scale.
This page has been cited as a source by a media organization. See the 2005 press source article for details.

The citation is in: Chris Richardson. "New Phishing Law Could Net Offenders 5 Years", WebProNews, March 3, 2005.

The citation is in: Loren Baker. "Microsoft Sues Phishers Over Identity Theft", Search Engine Journal, April 2, 2005.

The citation is in: Jason Gretencord. "Fraudulent e-mails biggest threat to Internet users", Indiana Statesman, June 22, 2005.

This page has been cited as a source by a media organization. See the 2006 press source article for details.

The citation is in: Lynn Wilde. "Layton family falls victim to online ‘phishing’ scam", The WSU Signpost, January 23, 2006.

The citation is in: Newegg.com. "October 2006 Phishing Scam", Newegg, November 8, 2006.

To-do list for Phishing:


Here are some tasks you can do:
    • maintain featured article status
    • remove any link spam that is added


    [edit] Be aware of how it works.

    Be aware of how it works.

    Here’s what to look for:

    • An email is sent that looks like it came from a site you do business with.
    • The email requests that you provide or confirm personal information, login credentials or account numbers.

    Here’s what you should do:

    • Never send personal info, your password or account numbers in an email.
    • When clicking on a link, be sure you end up on a secure site.

    I thought it would be appropriate to structure the above into the main body of the discussion page. I hope this doesn't upset anyone. TheGrandMaster1 12:27, 25 September 2006 (UTC)

    [edit] SecurityFocus cite

    On 01 Nov 2004, this article was cited in a SecurityFocus article on phishing. Securiger 06:50, 8 Nov 2004 (UTC)

    The list of phishing URL types added on 9th Feb was pinched from my page (whose URL is in the body of the email). I'm happy to make it available under the GNU FDL for Wikipedia, but the contributor should have asked. - Gerv (gerv at gerv.net)

    Gerv, sorry about that! If you read this please accept our grateful thanks that you have given us permission to use them under the GFDL! What is the link to this info? - Ta bu shi da yu 02:15, 4 Mar 2005 (UTC)
    The link Gerv (a.k.a. Gervase Markham of the Mozilla Foundation) was talking about is here. ral315 05:35, Mar 9, 2005 (UTC)

    [edit] Quote from Washington Times

    Phishing, which stems from the word fishing, is the act of sending an e-mail to an Internet user in an attempt to get private information that could be used for identity theft, fraud or both. The e-mail, pretending to be from a legitimate business or bank, normally directs the user to a bogus Web site, where they are asked to update such sensitive personal information as passwords, bank account and credit card numbers. [1]

    Can we incorporate or re-word this definition? -- Uncle Ed (talk) 14:13, Apr 19, 2005 (UTC)

    [edit] Section needs Improvement

    I don't understand the section on Wildcard DNS, even when reading the linked definition. What does the pipe character do in (all browsers?) under XP? How do those funny names resolve to a wildcard record? —Długosz

    [edit] AlMac Comments

    1. Security measures against one threat can make you more vulnerable to others, so perhaps there needs to be better linkage to other families of computer security threats.
      1. The Phishing article is part of the Spamming series and is in Categories including Internet Fraud. Perhaps there should be "See also" or some kind of linking to other related Personal Computer Security topics.
        1. Computer Viruses
        2. Reasons for having a Firewall
        3. Notion that most software labeled as Anti-Spyware is in fact Spyware.
        4. All of this rightfully belongs in separate Wiki articles. All I am trying to say here is that the linkage to these other topics could perhaps be improved from the Phishing article.
    2. As a newbie, the first thing I tried to work on was Security breaches.
      1. I had barely started keying in plans for a much larger contribution, when I was informed that I was in violation of POV.
      2. I stepped back and tried to repair that, only to realize that my writing was severely hurt by the process.

    [edit] Another Peer Review

    I want to get this article to reach FA status. Does anyone have any comments to make before I nominate it again?-ZeWrestler Talk 12:31, 26 July 2005 (UTC)

    OK, please consider all of this constructive criticism, I've been reading WP for a while, but only recently signed up as a user, and my edits have been limited to very minor changes. That said . . . A lot of the "Early Phishing on AOL" section seems speculative. I can see where the basic information came from (the greenarmor.com link), but the information about the close connection to the warez scene, and particularly the line about young teens growing up and getting jobs to pay for an ISP seems speculative.
    The section that follows is entitled "Additional Attack Methods" -- additional to what? The first sentence says "besides URL spoofing", but URL spoofing has not previously been mentioned or described. The style of that section then quickly switches to tutorial (i.e. "hover your mouse over this link . . . "). That link is probably not self-explanatory to the average reader, either. I believe it would be better to include actual URL and an explanation of why it does not do what the average reader might expect. The "IDN spoofing issue" is mentioned, again without prior reference.
    The eBay example is not self-evident, as the link underlying "click here" is not visible. The other two examples refer to using images to fool anti-phishing software, but again, there has been no prior mention of anti-phishing software. LarryMac 14:13, 5 August 2005 (UTC)
    • The eBay example I am planning on replacing with a better example from PayPal. So that will be fixed soon. Your criticism is welcomed. I will try to fix the article based on what you said, but if you can go ahead and improve anything yourself, by all means go ahead and do it. Also, feel free to participate in the peer review. The link to it is on the top of the talk page. --ZeWrestler Talk 14:37, 5 August 2005 (UTC)


    I don't have a Wikipedia account, but I'd like to offer this small correction: "Johanson, Eric" cited at the references below... I've changed my legal name to "Johanson, 3ric". Please consider updating it. Reference: http://3ricj.livejournal.com/5004.html I've also finally gotten http://www.xn--pypal-4ve.com/ back online. Thanks!
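
    The `xn--pypal-4ve` host in the comment above is an internationalized domain name in its ASCII (Punycode) form, the subject of the "IDN spoofing issue" raised earlier in this section. As an added example (not part of the original discussion or of the article), this Python sketch decodes each label of a URL's host and reports the non-ASCII characters and scripts it contains; the function names and the second and third sample URLs are constructed for illustration.

```python
import unicodedata
from urllib.parse import urlsplit

ACE_PREFIX = "xn--"  # prefix that marks a Punycode-encoded (IDN) label


def decode_label(label):
    """Return the Unicode form of one DNS label; plain ASCII labels pass through."""
    label = label.lower()
    if label.startswith(ACE_PREFIX):
        return label[len(ACE_PREFIX):].encode("ascii").decode("punycode")
    return label


def script_of(ch):
    """Rough script name: first word of the Unicode character name, e.g. 'CYRILLIC'."""
    return unicodedata.name(ch, "UNKNOWN").split(" ")[0]


def inspect_host(url):
    """Decode every label of the URL's host and describe any non-ASCII content.

    Returns a dict with the host as written, the host as a browser could
    display it, and one finding per label that needs a closer look.
    """
    host = urlsplit(url).hostname or ""
    decoded_labels, findings = [], []
    for label in host.split("."):
        try:
            text = decode_label(label)
        except UnicodeError:
            # An "xn--" label that is not valid Punycode is suspicious in itself.
            findings.append({"label": label, "problem": "malformed punycode"})
            decoded_labels.append(label)
            continue
        decoded_labels.append(text)
        non_ascii = [c for c in text if ord(c) > 127]
        if not non_ascii:
            continue
        # Only letters carry a script; digits and hyphens are shared by all.
        scripts = sorted({script_of(c) for c in text if c.isalpha()})
        findings.append({
            "label": label,
            "decoded": text,
            "non_ascii": ["U+%04X %s" % (ord(c), unicodedata.name(c, "?"))
                          for c in non_ascii],
            "scripts": scripts,
            # Letters from two scripts in one label is the homograph signal.
            "mixed_script": len(scripts) > 1,
        })
    return {"host": host, "display": ".".join(decoded_labels), "findings": findings}


if __name__ == "__main__":
    samples = [
        "http://www.xn--pypal-4ve.com/",    # host quoted in the comment above
        "https://www.paypal.com/",          # constructed: plain ASCII host
        "http://xn--mnchen-3ya.example/",   # constructed: single-script IDN
    ]
    for url in samples:
        report = inspect_host(url)
        print(report["host"], "->", ascii(report["display"]))
        for finding in report["findings"]:
            print("   ", finding)
```

    The first sample decodes to a label that renders like "paypal" but whose second letter is U+0430 (Cyrillic), so the label mixes two scripts; the single-script IDN is reported as non-ASCII but not as mixed.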

    [edit] Too many external links

    I'm starting to think that this is a linking board. Does anyone else think this page has too many external links? --ZeWrestler Talk 00:22, 28 July 2005 (UTC)

    • Agree, I would remove the links to gishpuppy.com (their short bit on phishing adds nothing to article), http://www.geocities.com/phishingmemo (not bad but too juvenile), and move many others to this talk page. I've also added a merge|Phishing request to Anti-phishing after removing links that were duplicated from here. -Wikibob | Talk 23:31, 2005 August 2 (UTC)
      • Oh I couldn't agree more here. Some links don't need to be there. One obvious was the webopedia which was a dictionary link. Another one I question is the Sharecube link. --Paul Laudanski 05:09, 3 August 2005 (UTC)
      • I've removed gishpuppy, the geocities page and the sharecube links. Are there any more that you guys see that should be removed? --ZeWrestler Talk 12:49, 3 August 2005 (UTC)
        • I'll have to give it another look a bit later.--Paul Laudanski 13:43, 3 August 2005 (UTC)
          • The software links are a nice addition but will likely change over time and so would be better off, as someone said, in here (the talk page)?? Not sure how we do these things exactly. But I agree that the links are a bit heavy. Do any of the anti-phishing subheading links have a lot of these software links already? If so, then they definitely are not needed. --Exmachina 16:39, 3 August 2005 (UTC)
      • Mike Podanoffsky. In my humble opinion, the section needs some text, maybe not links, to a solutions page. The solutions, or lack thereof, should be non-product specific. Granted, I am in this space with ShareCube, but there is more to an entry in Wiki than just here is the problem. Many believe that SSL or some other technology solves the problem. I am interested in your opinions on solutions and solution text. Thanks.

    [edit] Copyleft violation

    Content literally lifted without attribution on a link farm site: http://www.fraudwatchernetwork.com/website/phishing.html JavaWoman 04:17, 2 August 2005 (UTC)

    • Hey. I see what you mean about a copy violation. I decided to do some digging and here is something I noticed about the article you pointed out and a change I made during the last peer review. [2]. If you look at the compared version in the link I just provided and the link you gave, you'll see that the paragraphs match after I made a copy edit. Not previously to that. If the older version matched the link you provided I would have said otherwise. But after I made a few random changes from what the text originally was, the newer text matches that of what was supposedly copied, I am inclined to say that whoever created the article in the link you provided copied off of Wikipedia. I have seen this happen before with other articles. May you look into finding a date when the article you gave was created/copyrighted, because I have a feeling that it was created after this article was written. --ZeWrestler Talk 12:23, 2 August 2005 (UTC)

    [edit] Examples Section

    I am wondering if we really need all three phishing examples? The last two are, as you say, practically the same so that maybe just keeping the 3rd example would be sufficient between those two (esp since the text with this one is more informative). It just seems like they take up so much room as it stands now. Maybe they could be made smaller also/instead? --Exmachina 16:44, 3 August 2005 (UTC)

    [edit] Userfriendly image (stay or go)

    The following is a part of the convo from Wikipedia:Featured article candidates/Phishing.

    +++++++++++++

    • Not sure if the User-Friendly FAQ entry helps much, though--it appears to allow non-commercial use only, which violates the GFDL. Might want to either justify fair use or yank the strip (it doesn't seem essential to the article, esp. considering the large number of other excellent illustrations). Best wishes, Meelar (talk) 15:58, August 24, 2005 (UTC)
      • The user friendly copytag is not listed under GFDL. It is listed under Free licenses. GFDL does not apply to this image. Copyright for the image applies to this site, because the image is being used for educational purposes, as specified on the FAQ above. If the image becomes too much of an issue, I'll remove it from the article, but personally, I would prefer to keep it in. I believe it adds a nice touch to the article. --ZeWrestler Talk 17:07, 24 August 2005 (UTC)
        • The User Friendly image isn't compatible with Wikipedia, unfortunately. He says he's fine with re-use, "as long as no money changes hands"--this essentially prevents commercial sites from mirroring this image. Non-commercial-use-only images aren't acceptable. I personally would pull the image. But with or without it, this is a very feature-worthy article. Best, Meelar (talk) 17:37, August 24, 2005 (UTC)

    +++++++++++++

    I figured the best thing to do is let the people who read this article decide on what should happen with the image. Should it stay or should it go? --ZeWrestler Talk 17:52, 24 August 2005 (UTC)


    Okay, my view:

    • image doesn't add to the article - which is the critical point
    • would you get that image in a paper encyclopedia?
    • will anyone who hasn't seen Userfriendly understand it?
    • Userfriendly *just isn't funny*

    -82.33.52.78 23:30, 30 August 2005 (UTC)

    Please be aware that as a {{noncommercial}} image uploaded after May 19, 2005, the image may be deleted at any time. --Tabor 23:33, 31 October 2005 (UTC)

    [edit] Changes by 68.193.245.80

    Look out for this IP, 68.193.245.80 - it appears to be Joseph Steinberg, who has been pushing his GreenArmor solution, and placing sites which link to his URLs in the links section of phishing and pharming. The sites often rehash old Wikipedia content, such as his own site at phishing-pharming.com (registered to him).

    Joseph - you're quite welcome to edit the content, but this isn't your personal advertising board.

    Oh, and I've had fun making changes to this article - my first big series of edits - and I hope you all can work with them to improve the article further. -82.33.52.78 13:26, 28 August 2005 (UTC)

    • Like i've said before, you should register with the site. That way we know who did all of the work. You've been a big help to this article. So it'd be great to have a user-name to associate with for thanking you.--ZeWrestler Talk 14:26, 29 August 2005 (UTC)
    • Reverted changes by him. I looked through what he did, you were correct. it was all link spam. --ZeWrestler Talk 14:26, 29 August 2005 (UTC)

    [edit] Katrina Phishing

    CNN Article about phishing

    Hurricane Katrina has really generated a lot of phishing scams. Thought i'd share it with people here. --ZeWrestler Talk 16:16, 9 September 2005 (UTC)

    [edit] Phishing example

    Should something be done about the example image? I don't know if identifying a particular bank is a good idea...

    Maybe the image should be degraded with a visible "EXAMPLE" watermark to prevent trivial re-transmission by wannabe phishers. It's one thing to give a low-quality example, but to provide the original image verbatim might be a bit questionable.

    --203.45.114.193 00:32, 23 October 2005 (UTC)

    [edit] BANK OF AMERICA SCAM

    I just got sent this email.. Anyone who's seen the example on the main page would recognize the style of it

    Feel free to add this as an example in relation to this topic

    Take notice to the fact that the email address is from: service@bankofmerica.com

    The URL is fake as well. It takes you to: http://www. .de/templates/update/update.htm

    Which is a template based off the BOA style sheet and asks you to fill in all your relevant banking information

    Including your pin and all your personal information.

    If you take all the folders off the URL and go to the root at: http://www. .de/ it takes you to a Deutsch forum page.

    I have notified BOA about this issue and they are looking into it now

    But beware of things like this.


    Image:Bankofamerica phish.jpg

    Sincerely,

    William Hamilton aka o0paradox0o

    I removed those for URL, since this was settled complete meanwhile. I had a quantity annoyance therefore. Obviously my ftp account for these actions was abused. 129.35.231.16 11:36, 19 January 2006 (UTC)

    o0paradox0o@gmail.com --O0paradox0o 15:20, 8 November 2005 (UTC)

    [edit] Image talk

    This discussion was originally at WP:FAC, but was then moved to WP:FAR and has now been moved here because the issue, the lack of an image, has been solved thanks to User:Andrew Levine.

    A tough article to find an appropriate picture for, but it's been requested for the main page. →Raul654 02:17, 31 October 2005 (UTC)

    I uploaded Image:Phish.jpg, but I'm not sure if it's quite the right thing (I prefer that images don't have significant text in them). I've seen a few illustrations with something simple like a fish hook with large @ glyph dangling from it. If someone with image composition skills feels motivated, perhaps a free version of such an image could be created. --Tabor 23:12, 31 October 2005 (UTC)
    BTW, how did it get to FA status with an image using the deprecated {{noncommercial}} license? --Tabor 23:25, 31 October 2005 (UTC)
    I like Image:Phish.jpg; the text isn't too important to the image and it still gets the point across at thumbnail size. Creating our own flashy image rather than using one from a real anti-phishing government public information campaign might just be a little hokey and unencyclopedic.--Pharos 23:01, 5 November 2005 (UTC)
    I personally don't think that an image created by some of our editors would be unencyclopedic. Depending on what's created, I think something better could be created by one of our own editors. I've put in 2 requests with some members of WikiProject Illustration to see if they'll create anything. --ZeWrestler Talk 15:56, 7 November 2005 (UTC)
    • Very strong support --Adam1213 Talk+ 09:25, 5 November 2005 (UTC)
    • I personally think that if someone created an image of a person holding a fishing rod, that has a pc on the end instead of a hook, that would be a better picture for the article. --ZeWrestler Talk 15:38, 7 November 2005 (UTC)
    • I just had an idea that might make a good image. Take an '@' symbol and attach a fishing hook to it. So it would look something like this. What do you guys think about that? --ZeWrestler Talk 22:45, 12 November 2005 (UTC)
    • I'd suggest this image and this image if we can get permission from their creators or someone here can recreate them. My favorite is the first one. -- PRueda29 Ptalk29 03:22, 13 November 2005 (UTC)
      • Probably better to recreate one of them. The second link wasn't working for me. I do like the first one though. --ZeWrestler Talk 07:47, 13 November 2005 (UTC)
    • I had removed this conversation thinking that Image:Phishing chart.png had satisfied this problem, since it's PD and fairly simple and important to the topic. ZeWrestler contacted me on my talk page to object, so I am reinstating it for further review. FTR, I do not support the proposed symbol (@ on a fishing rod) as being too uninformative for the reader. It would just look like an image for the sake of having an image. Tuf-Kat 06:25, 28 November 2005 (UTC)
      • I have hopefully fixed the problem by creating a public domain image for the article. It's similar to the old image that was at the top of the page, but with a different wording and a fictional bank's logo (though the image's info page makes it clear that "a real phishing attempt would claim to be from an actual bank the customer belongs to"). Tell me what you think. Andrew Levine 04:44, 3 December 2005 (UTC)
        • Looks great! Thanks a lot! Tuf-Kat 07:12, 3 December 2005 (UTC)
        • Agreed. I like it --ZeWrestler Talk 15:06, 3 December 2005 (UTC)

    [edit] Figure incorrect for UK damages

    The figure for UK damages from phishing listed in Section 3: Damage caused by phishing is incorrect. The figure quoted in The Register article relates to total card fraud in the UK in 2004 as found by Apacs. The original article this figure came from can be found here http://www.apacs.org.uk/downloads/cardfraudthefacts05.pdf

    The figure relating to phishing damages in the UK is actually £12 million (found in the above document).

    [edit] Fake porn sites

    I remember reading in PC Answers once that at one time the most common form of Internet fraud consisted of bogus pornographic websites which asked for credit card details, supposedly as proof of age. Does anyone here know more about this? GCarty 15:40, 13 December 2005 (UTC)

    [edit] One-time password phishing

    The following was taken out of the article. Rather than lose it to the archives, I've put it here, for a debate whether it should be used or not.

    The Register [reported in October 2005] about a new type of phishing directed against one-time passwords. F-Secure explains that the online banking customers were given a scratch sheet, which contains a certain number of hidden passwords. As customers use the service they uncover the next password in the list, which gives them access to their account. The phishing website would always complain about the scratch code, thus adding more scratch codes to the criminals' records.

    --ZeWrestler Talk 15:19, 20 December 2005 (UTC)

    I put a reference to this in the article, as:

    This (and other forms of two-way authentication and two-factor authentication) are still susceptible to attack, such as that suffered by Scandinavian bank Nordea in late 2005[3].

    -62.31.82.51 11:09, 22 December 2005 (UTC)

    [edit] West Point

    "In a June 2004 experiment with spear phishing, 80% of 500 West Point cadets who were sent a fake email were tricked into revealing personal information."

    Perhaps it should be noted that the experiment tested a population specifically trained to follow orders without question, and that the result might therefore be artificially high.--—The preceding unsigned comment was added by MBlume (talk • contribs).

    If that's true, then I could send them an e-mail saying "Hello, I'm some guy who you've never heard of. Send me all your money because I say so." I'll be filthy rich in a matter of weeks! JIP | Talk 10:00, 26 April 2006 (UTC)

    [edit] Phishing in the 1980s

    Think phishing is 'new' or an 'internet' thingy, think again... it was rife in Universities for spoofing academic network logins err in the 1980s most certainly, and most likely long before also (very big yawns all round...)--—The preceding unsigned comment was added by 87.228.168.232 (talk • contribs).

    Do you have cites for that? Can you contribute to the article? -82.40.166.124 14:34, 5 April 2006 (UTC)
    I don't have any cites about the academic network phishing, there has to be some reference on some newsgroup.

    I have another example (again without cite), this one of phishing protection built into logins for medical/health authorities in 1980s.

    Some health authorities in UK, using MUMPS based systems at least in the 1980s, used a 'login verification response' keyword, as protection against such attacks.

    Basically it went like this: you logged in with normal username/password, then the system would respond with your special codeword, only if you verified the codeword as correct would your login proceed.

    Basically this worked on the principle that the 'phisher' would not know your secret response code which was only generated by the 'real' server. Quite a nice simple solution, however relied on user vigilance.

    [edit] Phishing for fun?

    Not all phishing involves money scams; some are just to get an account on a recreational site such as MySpace to mess around with the profile. Perhaps that should be added into the article? —The preceding unsigned comment was added by 68.45.92.85 (talk • contribs) 23:14 2 May 2006 (UTC).

    [edit] National prominence of Phish band

    I assume "national prominence" refers to the United States (the article on Phish states that they were an American band)? I clarified the text accordingly. Mtford 10:48, 8 June 2006 (UTC)

    • That shouldn't even belong in this article. Completely unrelated to the topic. I removed it. --ZeWrestler Talk 16:44, 8 June 2006 (UTC)


    [edit] Change I'm requesting

    On the page at the bottom there is a box with the 'articles on spamming links' all in it, separated into a few main categories, yet some of the links are split over two lines and it's hard to tell which heading they go with. Could someone please expand the width of the box so that each topic's links take up only one line, it would make navigation and understanding easier, for me, and I think for others as well. Thank-you

    [edit] I got revenge on a phisher!

    I just received yet another eBay phishing mail. What was interesting was that the URL actually used FTP instead of HTTP, and included the username and password. So I went to the site with a dedicated FTP client, entered the username and password, received the HTML, modified it, and put it back. Now people who get the same phishing mail will see "This is a phishing site! Do not enter any information to this site or the phisher will steal your credit card!" when they click on the link. I don't know how long it will stay that way, if the phisher finds this out. This is the first time I've actually had proper revenge on a phisher. JIP | Talk 16:14, 4 July 2006 (UTC)

    [edit] Added reference

    I'd agree that it isn't necessary, but it was a response to a [citation needed] tag. Rather than remove the tag without a reference to add, I added a reference. If you all think the reference isn't needed, you can take it out. Moncrief 22:24, 16 August 2006 (UTC)

    [edit] cracker vs. phisher

    The use of cracker in place of phisher is incorrect. Cracker is commonly used to describe a person who maliciously hacks into secure directories where a phisher "fishes" for vulnerable users to reply to a phishing scam. I already forgot 08:22, 21 August 2006 (UTC)

    [edit] Addition Request

    I would like to ask a section for reporting phish be added under the Anti-Phishing heading. Many people don't know what to do with phishing emails, and as a result they are deleted and the phisher continues on. I did not make the addition myself because I'm associated with PIRT and I believe it should be included in the new section along with several other institutions. I am not sure what the rules are around making such additions, I don't want it to be viewed as spam so I thought I would bring it up here. In a nutshell, PIRT stands for "Phishing Incident Reporting and Termination". We started up about 5 1/2 months ago. The service is 100% free to the public, the brands and the companies getting our feed. We are staffed by volunteers from around the world who dedicate their time to taking down phish. RLaudanski 18:25, 26 August 2006 (UTC)

    • Interesting suggestion. My only question is how encyclopedic is it? --ZeWrestler Talk 20:52, 26 August 2006 (UTC)
      • I don't think I can answer that question as I'm not in the business of creating encyclopedic material, that is why I posted a link to it so you could take a look for yourselves and determine if it merits being added to the article. I suggested it because I think there needs to be a standard reference that tells people who they can report phish to. There are literally 1000's of people who report phish to antiphishing.org not realizing that they don't actually do anything to shut those phish down, they use the information for statistical purposes. I'm not saying don't report to them, we actually send our feed to them. Wikipedia is considered "authoritative" in many subjects, it makes sense to me to include something on reporting. Then again it also makes sense to me to include something on what to do if you have been the victim of identity theft via phishing. I don't know if either would be considered encyclopedic. RLaudanski 21:32, 26 August 2006 (UTC)
      • We could add a new section to the anti-phishing part on "reporting and takedown" or some similar heading. It could include the line on the 24/7 services that is in the "technical responses" section, and include reporting phishing. Some of the more notable services could be listed, but Wikipedia isn't a web directory, so we would have to make it fit into structured prose and not be a prescriptive list - and we should, if we can, base it on a secondary source, not straight from the PIRT page. I found this page with a quick search, for example. --82.33.54.90 13:16, 29 August 2006 (UTC)
      • Done. --82.33.53.103 00:07, 22 September 2006 (UTC)

    [edit] large ftc block

    I removed:


    The FTC suggests these tips to help you avoid getting hooked by a phishing scam:

    If you get an email or pop-up message that asks for personal or financial information, do not reply. And don’t click on the link in the message, either. Legitimate companies don’t ask for this information via email. If you are concerned about your account, contact the organization mentioned in the email using a telephone number you know to be genuine, or open a new Internet browser session and type in the company’s correct Web address yourself. In any case, don’t cut and paste the link from the message into your Internet browser — phishers can make links look like they go to one place, but that actually send you to a different site.


    Use anti-virus software and a firewall, and keep them up to date. Some phishing emails contain software that can harm your computer or track your activities on the Internet without your knowledge.

    Anti-virus software and a firewall can protect you from inadvertently accepting such unwanted files. Anti-virus software scans incoming communications for troublesome files. Look for anti-virus software that recognizes current viruses as well as older ones; that can effectively reverse the damage; and that updates automatically.

    A firewall helps make you invisible on the Internet and blocks all communications from unauthorized sources. It’s especially important to run a firewall if you have a broadband connection. Operating systems (like Windows or Linux) or browsers (like Internet Explorer or Netscape) also may offer free software “patches” to close holes in the system that hackers or phishers could exploit.


    Don’t email personal or financial information. Email is not a secure method of transmitting personal information. If you initiate a transaction and want to provide your personal or financial information through an organization’s website, look for indicators that the site is secure, like a lock icon on the browser’s status bar or a URL for a website that begins “https:” (the “s” stands for “secure”). Unfortunately, no indicator is foolproof; some phishers have forged security icons. Review credit card and bank account statements as soon as you receive them to check for unauthorized charges. If your statement is late by more than a couple of days, call your credit card company or bank to confirm your billing address and account balances.


    Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them. These files can contain viruses or other software that can weaken your computer’s security.


    Forward spam that is phishing for information to spam@uce.gov and to the company, bank, or organization impersonated in the phishing email. Most organizations have information on their websites about where to report problems.


    If you believe you’ve been scammed, file your complaint at ftc.gov, and then visit the FTC’s Identity Theft website at www.consumer.gov/idtheft. Victims of phishing can become victims of identity theft. While you can't entirely control whether you will become a victim of identity theft, you can take some steps to minimize your risk. If an identity thief is opening credit accounts in your name, these new accounts are likely to show up on your credit report. You may catch an incident early if you order a free copy of your credit report periodically from any of the three major credit bureaus. See www.annualcreditreport.com for details on ordering a free annual credit report. http://www.ftc.gov/bcp/conline/pubs/alerts/phishingalrt.htm


    At the very least it needs massive wikification, and it seems a bit howto. RN 00:39, 4 September 2006 (UTC)

    Merge with Social Engineering?

    Phishing is a Social Engineering technique, shouldn't it be part of that page? While a comprehensive article is here, the technique still relies on the same cognitive biases of other SE attacks and I don't think its prevalence makes it any more special. Comments? 24.126.126.105 14:51, 20 September 2006 (UTC)

    No. Without going into detail, I'll address the most obvious one...This is a featured article and has gone through much scrutiny to get to such a status. Had merging been a viable option, it would have been done during the process of making it a featured article. --I already forgot 21:02, 20 September 2006 (UTC)

    I'm not sure why that is relevant to the heart of the question. Are you disagreeing that phishing is a subset of Social Engineering? It seems pretty obvious that it is and I'd think most people who are familiar with SE would agree that it is. That said, why not make a suggestion on how interested parties might understand the subset relevance? While resting on laurels is nice, it rarely leads to innovation - and isn't wikipedia about innovation and change? What's your suggestion? 24.126.126.105 02:40, 21 September 2006 (UTC)

    I also believe that Phishing should stay as an article on its own. Laymen and kids doing research aren't going to be searching for social engineering, they are going to search for the most obvious term. I think the Social Engineering page should have a brief description of phishing, and then point to this page for details. I'm also with I already forgot's point that featured and mainstream-referenced pages should not be moved or merged. I'd also find it strange to remove every article that is a subset of a greater article. Could you imagine if we'd merge every chemical element into Periodic Table? - NickSentowski 14:40, 21 September 2006 (UTC)

    I also do not think that merging is a good idea. This is a large article and useful as is, and the social-engineering article is also large. A merger would either create an article that would be too large, or would remove too much useful information. I think NickSentowski is right, imagine if we merged every element into the periodic table. Wrs1864 16:35, 21 September 2006 (UTC)

    Isn't there some way to kind of group everything together when information gets too voluminous? Maybe it would make sense to set up a Social Engineering category? The SE page lists 4 techniques, but there are so many more. Would this make sense instead of merging? 63.138.87.171 18:38, 21 September 2006 (UTC)

    I'm against a merge. Phishing is a featured article; Social Engineering is not nearly. Phishing merits its own article. A category makes more sense. --82.33.53.103 00:09, 22 September 2006 (UTC)

    Add Phishing by Police

    I would like to add the following two-part entry:

    "In California, many police departments phish for identities by sending out fake red light camera tickets. See more info in examples, below."

    (And, under Examples:)

    "Phishing by the Police

    Some phishing comes from where you would least expect it - the officials who are supposed to protect you! In California, many police departments send out red light camera "tickets" that have not been filed with the Superior Court and thus have no legal weight. The intent is to bluff the registered owner into revealing the name, address and driver's license number of the person who was driving the car. Fake ticket examples."

    I have seen a comment that the police's activity is not email phishing. The person making that comment deleted my entry when I made it earlier today. I note that the title of the overall article is "phishing," not "email phishing." I note that the article includes discussion of phishing by phone call. I consulted the Urbandictionary.com, and its definitions of the term include "Scamming method used to ellicit information from "uninformed" computer users through impersonation of trusted sources." I believe that the police's activity is a good fit, as computers are heavily involved. While the initial contact is by snail mail, the scheme is furthered when the mailed document instructs the recipient to access a website where he will view the pictures - and can also supply an identity or pay the fine.

    Further, since the purpose of Wikipedia is to tell us info that we don't already know, what belongs here more than info about something that is not well known? (How many of those reading this were previously aware of the scheme?)

    Try Social engineering (security) instead. This is a form of pretexting. --82.33.53.103 19:38, 25 September 2006 (UTC)

    And phishing is a form of pretexting AND social engineering. They're all related, as is acknowledged by the "merge with social engineering" thread above. I recognize that you desire to maintain the purity of this article, but this is not your private website where you can set things in stone. This is a wiki, which is made rich by a diversity of the most current information. Absent any cogent discussion by the persons who removed my entry, I have re-entered it.

    This is also not your private website to add your POV. Please help to maintain accuracy and NPOV in the article. Thanks. --I already forgot 01:24, 28 September 2006 (UTC)

    Perhaps something that you did not know about before, but it is accurate/true.

    "I Already Forgot" has again removed my entry. His comment, received in a user mail: "However, unconstructive edits are considered vandalism, and if you continue in this manner you may be blocked from editing without further warning. Please stop, and consider improving rather than damaging the work of others."

    I have told him I would reply here on this discussions page, and have asked him to do so also. I would like to know why my entry is "unconstructive" and "damages the work of others."

    (edit conflict) I'm not the only one who has rv the edit. Your edit is POV and is starting to look like linkspam as the link has been added on multiple pages with the exact same text. This is an international article on Phishing, not a platform for a personal problem or POV with local law enforcement. We cannot list every "fishing" attempt by law enforcement in every country so let's stick with internationally and well documented "Phishing". Please read up on WP:NPOV and help contribute instead of pushing your pov. --I already forgot 07:26, 28 September 2006 (UTC)

    I have also asked WRS to respond here, so I will wait to see what he says, then respond.

    While you wait I ask two things. 1. Please sign your edits on the talk pages. 2. Keep in mind that you (including sockpuppet and website) are the only one in the world that relates "phishing" to controversial police attempts at finding the driver who may have broken the law. Everyone else relates it to website and email scams by criminals. --I already forgot 08:11, 28 September 2006 (UTC)
    Also, which I mentioned before, you are confusing "fishing" with "phishing". I don't understand how "password harvesting" (the origin of the Ph in PHishing) relates to what you describe but I can see how "fishing" does. Ok, now I feel dumb for getting into this dispute...This is my last reply. --I already forgot 08:32, 28 September 2006 (UTC)
    I also support not having the content, see Talk:Social engineering (security). Though this talk is good enough reason too. McKay 13:17, 28 September 2006 (UTC)

    While I wait for WRS to reply, I am adding a copy of McKay's comments from Talk:Social... , for convenience. McKay's comments:

    "1. Highwayrobbery.net isn't notable. Google("link:highwayrobbery.net") returns 25 results, 10 of which are either wikipedia (or derived from it), or are from the site itself. This leaves 15 links. I'd prolly put that at a non-notable level. 2. Now that I've read the content of the page, it's interesting and helpful information, but it is Original Research, which is frowned upon in wikipedia. As a summary, I don't think that there is a problem with the content, but I think that we should find a better source than the one provided." (End of McKay's comments.)--Einsteininmyownmind 18:47, 28 September 2006 (UTC)

    While I'm certain your claim is legitimate, that's not the problem with your entry here. Your entry is specific to abuse of power by the police and more appropriate to something dealing with that (e.g. Police abuse of authority or something) It's kind of like discussing how you painted your house under the paint topic: yeah they're related, but someone interested in paint and what it is is not likely interested in your specific experience. Check out: Police#Ethical_issues_related_to_police to see what I mean. There is a whole area devoted to that topic and your reference to phishing and pretexting would make a lot of sense there and probably open up the minds and eyes of a lot of people who would never look up Social Engineering topics normally. 24.126.126.105 06:32, 9 October 2006 (UTC)

    Examples of Phishing???

    I have an example of the type of phishing used sitting in my email inbox. The conmen/women are very clever and everything looks completely legit. If it will benefit readers from seeing an example of a genuine website and a phish website, I'll put up both here - within the discussion section - if you all think it is a good idea. Then you can decide etc. whether it should go on the mainpage etc. But I think, to the uneducated readers, it is worth seeing that there is almost NO difference between the legitimate site and the phish site. What do you think? TheGrandMaster1 12:22, 25 September 2006 (UTC)

    I don't think we need any more examples. Those here already work well, and working on the prose would add a lot more. --82.33.53.103 18:23, 26 September 2006 (UTC)

    Removed HoodedHound's image

    I believe that User:HoodedHound added the image of AOL phishing as a form of self-promotion (he seems to be a phisher). Removing his name from the caption was reverted by him. I removed the image entirely. --82.33.53.103 18:23, 26 September 2006 (UTC)

    Facts needed in AOL phishing section

    I removed "Phishers temporarily moved to AOL Instant Messenger (AIM), since they could not be banned from the AIM server." since I couldn't find a reference for it. The rest is (sort of) covered by the two references now in this section. --82.33.53.103 18:35, 28 September 2006 (UTC)

    Newegg.com

    Newegg.com's phishing advisory links to this article. I've added an {{authoronlinesource2006}} template, though I'm not sure if this is the appropriate template since newegg isn't a media source. Koweja 15:31, 20 November 2006 (UTC)

    Website spoofing

    This article needs work and development but is relevant to this article. WP policy is to maximise internal links both for information and to encourage editorial attention. It was deleted from See also. It is not my practice to press edits so I should welcome a discussion as to its suitability, here. TerriersFan 23:06, 26 November 2006 (UTC)

    TerriersFan, I reverted that edit, and can't imagine why. It was an error and I apologize. I'll put it back, minus the redundant link in the "See also" section. JonHarder 23:24, 26 November 2006 (UTC)
    Thank you for this constructive response. TerriersFan 23:53, 26 November 2006 (UTC)

    Banks' servers hacked - not phishing

    I removed the following text, after editing it for clarity, then deciding it wasn't phishing. It is, however, an instance of what some have called pharming. There's even a claim that "There are no known instances of pharming causing financial loss" on that article's pages.

    Here's the removed (and edited) text:

    In another attack, malicious intruders invaded servers of a bank hosting company used by several hundred small banks. The intruders modified the banks' real web pages, so that visitors to the trusted bank sites were redirected to false pages. The intruders could then steal passwords and other personal information entered by unsuspecting customers. The web hosting company recognized irregularities in web traffic patterns of the bank sites, and shut down its web hosting servers to thwart the attack.[1][2]

    Some security experts characterized this attack as a security breach, since phishing typically involves enticement of an unsuspecting person to visit a rogue site by way of an embedded link in a spoofed e-mail message. In this case, the attack took a different spin, with breakdown in security occurring right at the source — servers operated by the web hosting company. However, security experts found that banks were not entirely blameless in this episode, too, since this type of attack could have been averted had the banks used two-way authentication to establish and prove the identities of the bank and user.[2] [3]

    Here is Goldleaf's own press release

    Point to note from George Ou's blog:

    • [while] this is technically similar to phishing, it isn’t the same thing

    and the definition of phishing in this article agrees with him.

    And these are the references: [4], [5], [6]

    --82.40.166.44 17:40, 30 December 2006 (UTC)

    Other websites where they say "this ain't phishing":

    --82.40.166.44 18:00, 30 December 2006 (UTC)