
How to Thwart a Phishing Attack

by Gordon | on Feb 11, 2012 | No Comments

Phishing attacks are some of the most dangerous scams on the Internet today. Falling for one of them could have disastrous consequences – handing over your personal information, bank details, or passwords to scam artists that will use it to steal your money or your identity.

In this blog post we will show you some of the things to look for to avoid falling victim to a phishing attack.

What is a “phishing attack”?

A phishing attack is a form of deception. The scammer attempts to masquerade as somebody you know or somebody in a position of authority – a friend, your bank, your internet service provider, the government, etc.

The scammer then asks you for personal information – the password to your email, your social insurance number or credit card number, or other confidential details about yourself.

A Phishing Example

Today I received an email from “RBC Royal Bank”, telling me that there was an issue with my account.

This was interesting, since I didn’t bank with RBC. Upon further investigation I discovered that the email was, in fact, NOT from Royal Bank but was an elaborate forgery intended to steal my personal information.

The email I received was a skillfully crafted phishing attack.

A "phishing" email I received, allegedly from my bank. It certainly was not from my bank, and what happened when you clicked that link might surprise you.

Let's see how this scam unfolds…

Google was kind enough to alert me to the fact that this could be a phishing scam, but for the sake of argument let's say that I ignored that warning.

If I had clicked on the link in this email here is what I would have seen:

This innocent-looking RBC "Online Banking" sign-on page was not actually from RBC, but rather a convincing forgery.

Although it looks like it, this is not RBC Royal Bank’s sign-on page. It is actually a convincing forgery. Notice the “address bar” at the top of the page that reads:

vds-9**9**.a**n-**o.com/c***orm/  (censored)

This is definitely not Royal Bank.

Let's take a look at what would have happened had I proceeded to enter my bank details into this page.

The next screen I would have been presented with might startle you:

Posing as RBC, the attacker then asked for a huge amount of personal information - including your social insurance number, ATM PIN, driver's license number, and the password to your email!

While posing as RBC, the attacker then asked for an enormous amount of personal information:

  • The answers to your “personal verification” questions
  • Your Social Insurance Number
  • Your Date of Birth
  • Your Driver's License number
  • Your ATM PIN number (really??)
  • Your email address
  • The password to your email address (really???)

If at this point you entered all of this personal information and hit submit, it would all be sent to the scammer on the other end of the line, and NOT to RBC Royal Bank.

Google Apps – a shield against phishing attacks

Although nobody can completely shield you from phishing attacks, the “Google Apps” framework provides excellent protection from online threats.

In the example above, Google flagged the email as a threat and I knew immediately that it was a fraudulent email, and not authentic correspondence from Royal Bank.

Google Apps provides an extra layer of protection against phishing attacks – emails that are known, flagged phishing attacks appear with a red bar across the top warning you that the email may be fraudulent.

But in addition to improved protection from email threats, viruses and spam, they also provide out-of-the-box synchronization with many different mobile devices – iPhone, Android phone, Blackberries and tablets. The platform is a pleasure to use and a powerful email solution for any size of business.

In-Touch IT Solutions can help move your company to Google Apps

In-Touch IT Solutions offers email migration solutions to help move your company from its old email system to Google Apps in a seamless, painless transition.

Call us today to see what we can do for you.

Detecting a Phishing Attack

If you aren’t lucky enough to be using Google for your email, there are still some ways you can tell that you are on the receiving end of a phishing attack:

1. Your bank will never contact you via email for issues with your account.

If there is a problem with your account your bank will phone you or send you a letter in the mail. Banks do not communicate over email for important issues such as problems with your account.

2. Check who sent the email

If you look at the sender address of the email, it was:

notice@rbc.royal.bank.com

Royal Bank’s actual domain name is royalbank.com. Notice how there are no dots between the words in Royal Bank’s real domain name. In the forged address, the part that actually counts is the last two labels, bank.com; everything in front of it (rbc.royal) is just a subdomain that the owner of bank.com can set up at will. This email was not sent by RBC.

3. Check the website address in the address bar

The biggest indicator of a phishing attack is the information in your web browser’s address bar, as shown below:

On the top is the correct URL to Royal Bank's online banking. On the bottom is the URL for the phishing attack.

The proper address for Royal Bank would have had “RoyalBank.com” in the name and would have been served over HTTPS with a proper SSL certificate (shown in blue on the top address bar, reading “royalbank.com”).

As you can see above, the attack had a completely different address in the address bar that was not signed with an SSL certificate.

4. If in doubt, don’t click!

If you doubt the authenticity of the email, don’t click any of the links in the email. Instead, open a new browser window and navigate directly to RBC Royal Bank’s login page yourself.
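Steps 2 and 3 above boil down to one question: does the domain in the sender address, or in the link, really belong to the bank? The following Python script is an added example (not code from the original post) that applies that check to the sender address and the censored link quoted above; the HTTPS address it also checks is a constructed sample, and the two-label domain rule is a simplification that ignores multi-label suffixes such as co.uk.

```python
# Added example, not code from the original post: checks the two "who sent it /
# where does it go" indicators from steps 2 and 3 against the bank's real domain.
from urllib.parse import urlsplit

LEGIT_DOMAIN = "royalbank.com"   # the real domain named in the post


def registrable_domain(host: str) -> str:
    """Last two labels of a hostname, e.g. 'rbc.royal.bank.com' -> 'bank.com'.
    Simplification: multi-label public suffixes such as co.uk are not handled."""
    labels = host.lower().strip(".").split(".")
    return ".".join(labels[-2:])


def classify_host(host: str, legit: str = LEGIT_DOMAIN) -> str:
    """'legit' if the host really belongs to the bank's domain,
    'lookalike' if the bank's name merely appears somewhere in the host
    (dots and hyphens removed, as in rbc.royal.bank.com), else 'unrelated'."""
    if registrable_domain(host) == legit:
        return "legit"
    brand = legit.split(".")[0]                    # 'royalbank'
    squashed = host.lower().replace(".", "").replace("-", "")
    return "lookalike" if brand in squashed else "unrelated"


def check_sender(address: str) -> str:
    """Step 2: classify the domain after the '@' of a From address."""
    return classify_host(address.rsplit("@", 1)[-1].strip())


def check_link(url: str) -> tuple:
    """Step 3: classify the host of a link and report whether it uses HTTPS.
    A bare 'host/path' as shown in an address bar is treated as plain http."""
    if "://" not in url:
        url = "http://" + url
    parts = urlsplit(url)
    return classify_host(parts.hostname or ""), parts.scheme == "https"


if __name__ == "__main__":
    # The sender address and the censored link are the ones quoted in the post;
    # the HTTPS address is a constructed sample of a genuine-looking URL.
    print(check_sender("notice@rbc.royal.bank.com"))          # lookalike
    print(check_link("vds-9**9**.a**n-**o.com/c***orm/"))     # ('unrelated', False)
    print(check_link("https://www.royalbank.com/"))           # ('legit', True)
```

A "lookalike" verdict is the one to watch for: it means the bank's name was deliberately placed inside a domain that somebody else owns.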