I’ve been getting a flood of phishing attempts, supposedly for a “failed ACH payment”. In fact, there are times when, in the time it takes me to delete the ones that made it past my filters and into my inbox, a dozen more show up. Out of curiosity, I checked my spam filter, and found this:
Archive for the ‘Phish’ Category
We’ve all seen those phishing e-mails, trying to steal your login information for banks, credit cards, and what-not. They all start “something bad happened, and if you don’t ‘confirm’ your identity within 72 hours, we’re going to delete your account”. So, when an e-mail with the subject “SourceForge.net passwords reset” hit my inbox the other day, I was a bit suspicious.
However, what followed did not look like your typical phishing scheme. In fact, it was a real e-mail from SourceForge.net. Here’s the main part of the e-mail, along with my thoughts on what they did “right”. (As well as what they could have done “better”.)
Hello, We recently experienced a directed attack on SourceForge infrastructure (http://sourceforge.net/blog/sourceforge-net-attack/) and so we are resetting all passwords in the sf.net database -- just in case. We're e-mailing all sf.net registered account holders to let you know about this change to your account.
So far, it’s not much different than all those phishing e-mails we’ve seen. (Well, except for the use of proper English grammar and spelling, that is.) But, it continues… Continue reading ‘SourceForge.net does it right’ »
What’ s the best anti-phishing tool? According to a recent “Ask Leo” article, the answer is “you”. And I heartily agree.
Phishing is interesting, and difficult to protect against.
But I do have a strong recommendation for the absolute best anti-phishing tool.
You are the best anti-phishing tool. In fact, in some cases you are the only possible anti-phishing tool.
Click here to read the rest of his article.