Andrew has been a great source of knowledge regarding podcasting. He has gone the extra mile by providing assistance outside of the tendered contract.

Ray Tan,

Find us on Google+

How to spot a Phishing attack

With the recent news of 'Phishing' scams targeting Hotmail, Googlemail, Yahoo! and others what are the things you should be watching for to spot a 'Phishing' email?


It can be very difficult to tell if an email is from who it claims to be but here are a few tips that might help.
  1. Look out for spelling mistakes in the message, emails sent by large companies would often be checked and signed off so spelling mistakes are not likely to slip through.
  2. Check that the email link is the same as the displayed linkCheck if the email address the message was sent to is exactly the same as the address you used when you signed up, for example, over the years I have used several different email addresses. In the early days it was andrew@domainremoved.com and later I used andrewr@domainremoved.com as I get lots of junk at the first address. If I get an email sent to andrew supposedly from a website I signed up for since starting to use andrewr I can see that something is wrong. Unfortunately not all email providers let you use different addresses easily.
  3. If there is a clickable link, and there will be, that's the point, look to see if the displayed text of the link is the same as where the link actually points to. Most modern email programs display the actual target link in the status bar when you hover over the link.
  4. Look for something odd about the email like it using some foreign letters or in the case of the recent scam all the text was aligned to the right as in Arabic writing.

So what can you do to protect yourself from these Phishing attacks?
  1. First of all, don't click the link - Visit the website by your normal means, opening your web browser and typing in the address or using your bookmarks or favourites list. If the problem is genuine there will be a link on the website telling you about it. If there is nothing mentioned contact the websites customer service department or assume it's a scam.
  2. Use a modern web browser link Mozilla Firefox, Google Chrome, Apple Safari or if you must use Internet Explorer make sure it's the latest version, IE8 at the time of writing. Do NOT used Internet Explorer 6 or older as this browser is very insecure. Modern browsers have many anti-phishing feature built in to help you.
  3. Use a modern email program like Windows Live Mail or Mozilla Thunderbird as these have anti-phishing filters and junk mail filters to help you.
  4. Keep your anti-virus software up to date. And this tip doesn't need to cost you anything either as you can use AVG Free, Panda Cloud, or Microsoft's new Windows Security Essentials.

If you know of any other simple ways to spot those Phishing attacks let us know in the comments.
Webmasters: If you think this post would be useful to your readers please link to it.