Antiphishing.org - Stop Phishing and Email Scams:
I received an email from an attorney acquaintance of mine today, requesting that I click on the link in the email to join something named "Linkedin". My Phishing alarms went off immediately! Has this individual shared my email address with a "Social Networking" site? Or has this persons Outlook address book been harvested by some unknown entity?
What is Phishing?
Phishing attacks use 'spoofed' e-mails and fraudulent websites designed to fool recipients into divulging personal financial data such as credit card numbers, account usernames and passwords, social security numbers, etc. By hijacking the trusted brands of well-known banks, online retailers and credit card companies, phishers are able to convince up to 5% of recipients to respond to them.
Check out this one regarding Fleet Bank: Fleet Phish
The next thing that we are going to see is the "Social Engineering" of the social networking sites such as Linkedin .
Corporations should be including security policy regarding these services, just as they are with Kazaa and other Peer-to-Peer (P2P) media sharing sites. Not only is there the possibility of personal information being compromised on individuals within the organization, there are recent reports that these individuals have been receiving a tremendous amount of SPAM.
For more information, check some of the following sources:
For more information about how to protect yourself, see our Fact Sheet 17a Identity Theft: What to do if It Happens to You at www.privacyrights.org/fs/fs17a.htm.
Read the information and tips put out by the Federal Trade Commission about phishing at www.ftc.gov/bcp/conline/pubs/alerts/phishingalrt.htm.
Read the Department of Justice's recent whitepaper "Special Report on Phishing" at http://www.antiphishing.org/DOJ_Special_Report_On_Phishing_Mar04.pdf