Computerworld
Home News Blogs ReviewsWhite Papers Newsletters IT Careers

resource center


Ads by TechWords

See your link here

Subscribe to our e-mail newsletters
For more info on a specific newsletter, click the title. Details will be displayed in a new window.
IT Management
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
More E-Mail Newsletters 
 

Print edition

Phishy e-mails and Web sites: What's your responsibility?

By Larry Ponemon
August 24, 2004 12:00 PM ET
Recommended
(0)
Digg
Share/Email

Computerworld - Welcome to Computerworld.com's new monthly column on IT ethics by Larry Ponemon.
The Ponemon Institute in Tucson, Ariz., conducts independent research and education designed to advance ethical information and privacy management practices in government and business. To learn more about your interests and perceptions about these issues, we plan to ask a few questions at the end of each monthly column. We hope you will take a few minutes to respond (editor's note: The survey is now closed). If you have any questions, please e-mail us at research@ponemon.org.

-----

Tom was an avid collector of antique train sets. One morning while scanning his e-mail, he noticed one from an online auction site from which he purchased a good part of his collection.
The e-mail had the familiar logos and graphics Tom was accustomed to seeing with a tempting message that he could purchase a 1938 Lionel caboose for less than $50. The message was irresistible. Tom provided his credit card number and shipping address. The site also asked for his Social Security number. Not thinking twice, Tom entered the nine digits. The next day, on his way to the grocery store, Tom stopped at his bank's ATM. To his horror, his balance was zero. He also found that his savings account was wiped out. A "phisherman" had hooked another victim.
The typical phishing experience starts with the receipt of a fake e-mail. The e-mail sender and subject line claims to be from a legitimate, trusted source such as an online auctioneer, bank, mortgage broker, credit card company or Web retailer.
A common message is a "customer service request" asking subjects to click onto a Web site, supposedly to resolve a glitch or problem within their account, perhaps to reset a password or personal identification number. As in the case above, it can also be an offer to purchase a product or service.
Because the fake e-mail often starts with a blast to millions of randomly selected e-mail addresses, most people don't respond because they don't have an existing business relationship. The goal for the criminal is to cast the net as wide as possible, luring in a few susceptible people who believe this is a legitimate request for information.
While the mere act of reading the e-mail advertisement or Web site can unleash a persistent cookie or Web beacon onto the user's computer system, the more serious security problem arises when the individual visits the spoofed Web site. The best spoofers do an excellent job of re-creating the real corporate Web


Recommend Digg Twitter ShareThis
Email Print Send Feedback Reprints

Additional Resources

POLL RESULTS
Leading IT Pros Weigh In on Top IT Issues
Accelerate your knowledge of the IT world you inhabit by viewing the results of a series of polls taken by your IT peers. These polls of 100+ IT professionals each are available for full viewing. They cover key topics such as virtualization, processor performance, green IT, cloud computing and many others. Be a part of the buzz.
WHITE PAPER
For Best Results, Think Beyond the Box
Technology is complex. Keeping it running productively shouldn't be. To that end, you want to minimize the number of solutions needed in-house to simplify operations, maintenance, and support. Kodak offers a best-practices model. One company provides support for both scanner and software, for fast problem resolution without vendor finger-pointing. Download now!
WHITE PAPER
Accelerating the Path to Demand Intelligence with a Demand Signal Repository
Utilizing demand intelligence improves the precision of pricing, product assortments, channel/store placement, and promotion, which are all essential for sustainable revenue management performance. Learn more, download this free whitepaper today.

White Papers & Webcasts

A Truly Global HCM System
Learn about a system built with advanced object-oriented technology that support multi-national requirements and costs less to implement, maintain and upgrade....  

Usability Is Everything
Learn what sets Workday's HR and Payroll solutions apart from the competition....

Moving Beyond Monolithic - What's Next for Enterprise Application Architectures?
This white paper reviews the current state of enterprise application architecture and presents a prediction on what might come next....  

SaaS at Flextronics, Inc.
Dave Smoley, CIO of Flextronics, discusses the real value of software-as-a-service and why he chose Workday for his HR solution....

The Shortcut Guide to Managing Certificate Lifecycles
(Source: Thawte) If you have ever shopped for a certificate, you know that there is a wide selection of products and vendors from...  

Agile Enterprise Content Management (ECM) for Rapid ROI
Find out how combining ECM and BPM will help adress issues about content rich business processes....

MarketVibe: Communications and Collaboration Needs at Business Organizations
In April 2009, IT and business leaders were invited to participate in a survey on business communications and collaboration solutions. The goal of...  

Modernizing the IT Infrastructure
(Source: Oracle) There is a lot of legacy in many government IT systems today - legacy hardware, legacy software platforms, and legacy skills...

The Value of Network and Application Visibility by Aberdeen
This survey-based paper analyzes best practices for improving application visibility and analysis. This paper can help serve as a guideline for organizations looking...  

Taking the Service Desk to the Next Level
Listen to this conversation with Doug Mueller to learn how standards and processes have evolved to bring us the service desk of today...

All White Papers | All Webcasts

Computerworld Reports

An Interactive eBook: Enterprise Security

The Business Case for Server Virtualization

Computerworld Technology Briefing: Intelligent Users Use Business Intelligence

All Computerworld Reports
 
About Us Advertise Contacts Editorial Calendar Help Desk Jobs at IDG Privacy Policy Reprints Site Map
CIO Computerworld CSO DEMO GamePro Games.net IDC IDG IDG Connect IDG Knowledge Hub IDG TechNetwork IDG Ventures
IDG.net InfoWorld ITwhitepapers ITworld JavaWorld LinuxWorld Macworld Network World PC World The Industry Standard
Copyright © 1994 - 2009 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of
Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.