The October 2010 edition of “The Costco Connection” references the article “Cyber security” on the cover. (http://www.costcoconnection.com/connection/201010#pg29) When I turned to the article, I found it was all about phishing. As you probably know if you follow Iconix, phishing is on-line fraud which is perpetrated by the impersonation of legitimate email senders. Highlighted in the center of the article was this guidance from Peter Cassidy, secretary general of the Anti-Phishing Working Group:
This is not a technical issue; it all happens between your ears.
The point he is making is that in phishing fraud, the criminal is not using technology to access your stuff (money, accounts, password, email addresses, etc.) – the criminal is deceiving you to compromise your stuff. How can you tell if you are being deceived? Cassidy acknowledged that even with research, you may have trouble separating the fake from the legit.
The sidebar to the article provides practical guidance in avoiding being deceived by phishing scams. The first word of advice is to be suspicious. While this is sound advice, how do you actually do that? Sometimes it is easy. If you don’t pay for things with PayPal or buy things from costco.com, any email claiming to be from these senders is probably fake and is suspicious. But what if you just made a payment using PayPal or bought an item from costco.com? In that case an email from PayPal or costco.com is not suspicious — you are expecting to get a confirming email. In your inbox will be the real email you want and the fake ones you don’t want. Armed with suspicion, how can you find the ones you want? How do you tell the real ones from the fake ones? This is where Iconix can help.
We mark real emails from thousand of senders including PayPal, eBay, Costco, Bank of America, Twitter, Facebook, and Travelocity.com representing every industry imaginable, from banking to travel to social networking.
You can immediately find the real ones and avoid the fake ones. This is why PayPal endorsed the Iconix solution and distributes it for free:
A similar tool is available for free from Trend Micro, a leading internet security provider: