	Go to ParetoLogic.com »
	Big phishers netted, but still fishing the Internet waters »
	Would-be parents use YouTube, Facebook to find birth mothers »
	Customs agents stopping crime one laptop at a time »
	Affiliate Summit 2009 »
	Malware Diaries »
	Geek Speak »
	Community Forum »
	Team Player »
	PC Security News »
	Pareto's Perks »
	Internet Security »
	Questions & Answers »
	Download »
	Sound Advice »
	All Archived Articles »

Do you feel safe online? Keep yourself up-to-date with online security and PC performance with the ParetoLogic Online Safety and ParetoLogic Performance Solutions. These monthly publications, delivered by email, are chockfull of interesting news stories, tips for protecting yourself online, ways to make your PC faster and more stable, and product information.
Sign up now for free.

Want to get up to speed and be more secure? Past editions of the ParetoLogic Online Safety and ParetoLogic Performance Solutions email newsletters are filled with interesting stories and great tips to enhance your computing experience and improve your PC's performance and optimization. Now you can check out past issues through our archives and never miss another edition!

Big phishers netted, but still fishing the Internet waters

While United States authorities have brought a pair of cyber criminals to North America to face charges from a massive phishing scheme, there are plenty more out there catching unsuspecting people in their nets.

The U.S. Department of Justice has extradited Petru Belbita, 25, and Cornel Tonita, 28, from Romania. The pair, who have plead not guilty, allegedly set up fake web sites to steal user names and passwords from customers of eBay and clients of financial institutions such as Citibank and Wells Fargo, according to a Sept. 29 PC World website article.

In March, one of their alleged co-conspirators, Ovidio-Onut Nicola-Roman of Romania, was the first foreign national to be convicted in the U.S. of phishing. He was sentenced to more than four years in prison. While police have nabbed these men, phishing continues worldwide, according to the Anti-Phishing Working Group's Phishing Activity Trends Report for the First Half of 2009. The report showed that 49,084 unique phishing websites were detected in June. This is the most since a record high of 55,643 were detected in April of 2007.

"Phishing is a real risk for Internet users and targets everything from banking and gaming, up to social networking sites," said Jerome Segura, a respected security researcher who heads up ParetoLogic's Spyware Analysis Team (SWAT).

One of the reasons that phishing is particularly effective is that it is a two-pronged attack - combining social engineering and technical subterfuge - to steal a user's personal information or financial data. The first part involves computer users receiving emails that appear to be from a respected institution or business, such as a bank. They claim that information is needed right away. The email often includes a link that takes the user to a legitimate-looking website to enter their user name and password, or even their credit card or banking information. This is a fake site or one that has already been hacked, and the information is sent to the scam artists.

The criminals might sell this information or use it themselves to make purchases. In an oft-used scheme, the information is used by "cashiers" to create ATM cards. These are then given to "runners" who visit various ATMs to withdraw money. This was the scheme allegedly used by Belbita and Tonita.

"Phishing is getting more sophisticated using the latest techniques to bypass your browser's security," Segura said. "The scams are also targeted specifically for their audience and customized with local language."

So, what can you do to avoid being the victim of phishing?

Be careful of where you click. In spite of advancements in phishing scams, Segura said, "Traditional advice is still valid: do not click on links that look unfamiliar. Ask a friend or do some research if you suspect something is not right."
Keep an eye on your credit card and bank statements. If something appears amiss inquire about it immediately.
If you receive what looks to be a link from your bank, credit card company or financial institution, do not click on it. Go to their website and log in there or contact them directly.
Make sure when you are putting in sensitive information that the site is secure. You can look for "Error! Hyperlink reference not valid." rather than "Error! Hyperlink reference not valid." in the web address. Also look for a padlock icon at the bottom of the browser. If you click on it, a security certificate should be displayed.
Make your accounts hard to crack. Use a different password for each of your accounts. Also try to change them at regular intervals. Do not store the passwords on your computer.
Use a firewall, anti-spyware and/or anti-virus software and always keep your browser up-to-date with the patches that are issued.

"Despite increased security measures put out by banking organizations, one cannot guarantee the customer's machine is not infected," Segura said. "It is therefore your own responsibility to secure your machine and your assets."

Back to main Newsletter »

Each month ParetoLogic features one of its sophisticated powerful software products for you to try and enjoy!

To learn more about this month's featured product, click on the buttons below; they will allow you to download the product, explain how to download the product or let you view an informative video about this exciting solution.

Data Recovery Pro

How to Download