Computerworld
Home News Blogs ReviewsWhite Papers Newsletters IT Careers

resource center


Ads by TechWords

See your link here

Subscribe to our e-mail newsletters
For more info on a specific newsletter, click the title. Details will be displayed in a new window.
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
More E-Mail Newsletters 
 

Print edition

Phishy e-mails and Web sites: What's your responsibility?

By Larry Ponemon
August 24, 2004 12:00 PM ET
Recommended
(0)
Digg
Share/Email

Computerworld - Welcome to Computerworld.com's new monthly column on IT ethics by Larry Ponemon.
The Ponemon Institute in Tucson, Ariz., conducts independent research and education designed to advance ethical information and privacy management practices in government and business. To learn more about your interests and perceptions about these issues, we plan to ask a few questions at the end of each monthly column. We hope you will take a few minutes to respond (editor's note: The survey is now closed). If you have any questions, please e-mail us at research@ponemon.org.

-----

Tom was an avid collector of antique train sets. One morning while scanning his e-mail, he noticed one from an online auction site from which he purchased a good part of his collection.
The e-mail had the familiar logos and graphics Tom was accustomed to seeing with a tempting message that he could purchase a 1938 Lionel caboose for less than $50. The message was irresistible. Tom provided his credit card number and shipping address. The site also asked for his Social Security number. Not thinking twice, Tom entered the nine digits. The next day, on his way to the grocery store, Tom stopped at his bank's ATM. To his horror, his balance was zero. He also found that his savings account was wiped out. A "phisherman" had hooked another victim.
The typical phishing experience starts with the receipt of a fake e-mail. The e-mail sender and subject line claims to be from a legitimate, trusted source such as an online auctioneer, bank, mortgage broker, credit card company or Web retailer.
A common message is a "customer service request" asking subjects to click onto a Web site, supposedly to resolve a glitch or problem within their account, perhaps to reset a password or personal identification number. As in the case above, it can also be an offer to purchase a product or service.
Because the fake e-mail often starts with a blast to millions of randomly selected e-mail addresses, most people don't respond because they don't have an existing business relationship. The goal for the criminal is to cast the net as wide as possible, luring in a few susceptible people who believe this is a legitimate request for information.
While the mere act of reading the e-mail advertisement or Web site can unleash a persistent cookie or Web beacon onto the user's computer system, the more serious security problem arises when the individual visits the spoofed Web site. The best spoofers do an excellent job of re-creating the real corporate Web


Recommend Digg Twitter ShareThis
Email Print Send Feedback Reprints

Additional Resources

POLL RESULTS
Leading IT Pros Weigh In on Top IT Issues
Accelerate your knowledge of the IT world you inhabit by viewing the results of a series of polls taken by your IT peers. These polls of 100+ IT professionals each are available for full viewing. They cover key topics such as virtualization, processor performance, green IT, cloud computing and many others. Be a part of the buzz.
WHITE PAPER
For Best Results, Think Beyond the Box
Technology is complex. Keeping it running productively shouldn't be. To that end, you want to minimize the number of solutions needed in-house to simplify operations, maintenance, and support. Kodak offers a best-practices model. One company provides support for both scanner and software, for fast problem resolution without vendor finger-pointing. Download now!
WHITE PAPER
Accelerating the Path to Demand Intelligence with a Demand Signal Repository
Utilizing demand intelligence improves the precision of pricing, product assortments, channel/store placement, and promotion, which are all essential for sustainable revenue management performance. Learn more, download this free whitepaper today.

White Papers & Webcasts

Natural User Interface for Enterprise Applications
Learn how a revolutionary user interface can make a complex enterprise application so intuitive even casual users can jump right in....  

Why Now is the Right Time for the Linux Desktop
(Source: Novell) Faced with tighter budgets, enterprises are rethinking their desktop strategies to deliver the same - if not better - services and...

Moving Beyond Monolithic - What's Next for Enterprise Application Architectures?
This white paper reviews the current state of enterprise application architecture and presents a prediction on what might come next....  

Novell Opens PR Video
Is the Linux desktop for me? Customers are looking for ways to be more flexible and save money. Using Linux offers a great...

SUSE Linux Enterprise Server Deployment Approach Guide
This document is intended for IT professionals and managers who are considering deploying SUSE Linux Enterprise Server. Novell has had a number of...  

Usability Is Everything
Learn what sets Workday's HR and Payroll solutions apart from the competition....

SUSE Linux Enterprise Desktop Data Sheet
SUSE Linux Enterprise Desktop is the market's only enterprise-quality Linux desktop ready. It delivers seamless interoperability with existing enterprise systems and dozens of...  

The Value of Real SaaS at Workday
Cost savings, speed to value, and innovation brought to the enterprise by Workday's software-as-a-service solutions for HR and Payroll....

SUSE Linux Enterprise Server Data Sheet
SUSE Linux Enterprise Server is a highly reliable, interoperable and manageable server operating system built to power mission-critical workloads in physical and virtual...  

SaaS at Flextronics, Inc.
Dave Smoley, CIO of Flextronics, discusses the real value of software-as-a-service and why he chose Workday for his HR solution....

All White Papers | All Webcasts

Computerworld Reports

An Interactive eBook: Enterprise Security

The Business Case for Server Virtualization

Computerworld Technology Briefing: Intelligent Users Use Business Intelligence

All Computerworld Reports
 
About Us Advertise Contacts Editorial Calendar Help Desk Jobs at IDG Privacy Policy Reprints Site Map
CIO Computerworld CSO DEMO GamePro Games.net IDC IDG IDG Connect IDG Knowledge Hub IDG TechNetwork IDG Ventures
IDG.net InfoWorld ITwhitepapers ITworld JavaWorld LinuxWorld Macworld Network World PC World The Industry Standard
Copyright © 1994 - 2009 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of
Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.