oreilly.comSafari Books Online.Conferences.


AddThis Social Bookmark Button

Internet Security Annoyances
Pages: 1, 2

Beware of phishing expeditions

The Annoyance:

I received an email from eBay the other day, asking me to validate my user ID and password. When I clicked the link, I was sent to what looked like the normal eBay web site and entered the information. A few days later, I found out that someone was using my eBay ID to scam people. This slimeball even got my credit card information! How can I prevent this from happening in the future?

The Fix:

You've been the victim of a so-called "phishing" expedition, in which an email is sent claiming to be from a legitimate web site or business (such as eBay, PayPal, or Citibank). In the body of the message, you're asked to click a link to a web site so you can verify your account information. The return address appears to be from the company (for example,, and the web site looks legitimate—the design, layout, and even the address bar look like the real web site. But when you type in the information, it goes to the scam artist running the phishing expedition, and he's off to the races with your credit card or web site account information.

To make sure this never happens to you in the future, follow these tips:

  • Never respond directly to an email message asking you for your username, password, or other information. Sites like eBay will never send out a request for this type of information.

  • If you're not sure whether the email is legitimate, don't click any links within the body of the message. Instead, go directly to the web site from your browser, log in, and see if you have any messages. You can also contact or email the company directly and ask whether they requested any information from you.

  • Forward potentially spoofed email to the business that supposedly sent it. They will attempt to track down the source of the spoofed email and cut down on future phishing expeditions. You can also forward the email to assorted groups that fight phishing, such as and

  • Keep Windows XP updated. Some phishing expeditions exploit browser vulnerabilities, and Microsoft constantly releases patches to fix those vulnerabilities. Use Windows Update or visit to keep your system updated with the latest patches.

    TIP: According to the research firm Gartner, an estimated 57 million people have received email from phishers. Gartner estimates that identity theft fraud caused by phishing attacks cost U.S. banks and credit card companies $1.2 billion in 2003 alone. Despite these staggering statistics, officials rarely find and prosecute phishers.

Guaranteed, foolproof way to uncover spoof sites

The Annoyance:

Many companies use weird web addresses and URLs to hide their true identity. Is there a simple, foolproof way to reveal the real name of the site I'm visiting?

The Fix:

Go to the address bar of your browser, type in the following JavaScript command, and press Enter:

    javascript:alert("Actual URL address: " +
    location.protocol + "//" + location.hostname +

A small window will pop up in the middle of your browser, telling you the actual web site you're visiting (see Figure 9-4). Check the URL to see if you're really visiting the site you think you're visiting. That way, you can always protect yourself against spoofs.

Microsoft has a useful knowledge base article that explains how to protect yourself against spoofed sites. To read it, go to and search for article 833786.

Figure 9-4
Figure 9-4. Yes, the site looks like eBay, but if you enter your personal information, your credit card details and identity will be stolen. The JavaScript command exposes this fake eBay web site as a phishing expedition.

Block snooping neighbors

The Annoyance:

A friend of mine used to easily spy on the hard drives of neighbors who, like him, had cable internet access. Why was it so easy? And how can I make sure like-minded snoops can't get into my PC?

The Fix:

Cable setups are not unlike local area networks, and you and your neighbors are essentially "nodes" on that network. (It's one reason your access slows to a crawl when Johnny next door decides to download a movie.) If you have file sharing enabled on your PC, your cable-connected neighbors can spy on your PC. One way to solve the problem is to use a firewall, such as ZoneAlarm ( or the built-in Windows Firewall. Both firewalls will stop outsiders from snooping on your PC.

To be absolutely safe, you can also turn off file sharing on your system for your cable connection:

  1. Right-click My Network Places and choose Properties.

  2. Right-click your cable internet connection and choose Properties.

  3. Uncheck the "File and Printer Sharing for Microsoft Networks" box and click OK.

  4. Restart your computer. File sharing is now disabled.

TIP: If you spend a lot of time on the internet, you'll come across the term malware sooner or later. What does it mean? Malware is any kind of software--viruses, worms, Trojans, or spyware--designed to do harm in some way.

My kids keep downloading malware

The Annoyance:

My kids keep downloading some piece of malware that damages my PC. How can I make sure they can't connect to the internet when I'm not around, short of locking the cable modem—or them—in a closet?

The Fix:

You can disable your internet connection when you leave your PC. Right-click My Network Places and select Properties. Right-click the Local Area Connection for your network card and choose Disable. If you have a network icon running in the Notification area (or System Tray), you can also right-click the icon and select Disable. To re-establish the connection, right-click the Local Area Connection or network icon and choose Enable.

Beware of spoofed emails

The Annoyance:

I own my own domain, and I got an email the other day from someone claiming to be my domain's mail administrator. The message asked me to confirm my password and username. But I'm the domain administrator, and I didn't send the message to myself! Odder still, the email seems to have come from an address in my domain. What's going on here?

The Fix:

Your email has been spoofed—someone has managed to forge the sender's address and make it appear as if the email came from you. If you respond to the email with your password and username, the message will go to the person who spoofed your email, and the sender will have complete access to your domain—so don't do it! Email requests for your username and password details are sure to be spoofs, not legitimate requests. Exercise caution, and don't give that information away.

Preston Gralla is the author of Windows Vista in a Nutshell, the Windows Vista Pocket Reference, and is the editor of He is also the author of Internet Annoyances, PC Pest Control, Windows XP Power Hound, and Windows XP Hacks, Second Edition, and co-author of Windows XP Cookbook. He has written more than 30 other books.

View catalog information for Internet Annoyances.

Return to the Windows DevCenter.