Phish is a term used to refer to email that lures a computer user to a
site under false pretenses. The site may be a fake credit card site
masquerading as the real site, or a site that loads software that turns
your computer into a spam zombie. I received a new kind of phish this
morning; I include the image further below. I thought the ploy was
rather clever and would likely catch those less paranoid than I
off-guard.
The phish email masqueraded as a news piece from CNN dated 18 January
2007. Two things triggered my suspicions. The first was that I do not
subscribe to any CNN news feeds. The second was when I looked for the
usual "unsubscribe" link that legitimate mail list email contains, I
found none.
At this point I rolled over the link "Read more about..." without
clicking on the link. At the bottom of my screen was displayed a
destination web site in Romania (note the country code ".ro" in the
image). The tail end of the URL appeared to be designed to fire up a
dynamic web page via CGI or other technologies. In other words, the
site was a spider's web set to catch prey. The web site was definitely
not CNN.
I then realized that the date did not make sense. Although recent,
typical news feeds are not more than 24 hours old. As this is being
written, it is the morning of the 23rd of January. This email had aged
five days. Of course, the spammer could "future date" the email to
anticipate the arrival date of the email, and a future edition of this
sort of phish may yet appear.
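
The three checks described above (no unsubscribe link, a link whose destination is not the claimed sender's site, and a date more than 24 hours old) can be run mechanically over a message. The Python below is an added example, not part of the original post; the sample message, the `.example` host names and the `triage` function are constructed for illustration.

```python
from datetime import datetime, timedelta, timezone
from email import message_from_string, policy
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample, not the email from the post; all names are placeholders.
SAMPLE = """\
From: "CNN News" <news@cnn.example>
Subject: Breaking news
Date: Thu, 18 Jan 2007 08:00:00 +0000
Content-Type: text/html; charset="utf-8"

<html><body><p>Headline text</p>
<a href="http://story.elsewhere.example/cgi-bin/view?id=1">Read more about...</a>
</body></html>
"""

class LinkHosts(HTMLParser):
    """Collect the host of every http(s) link, i.e. what a rollover would show."""
    def __init__(self):
        super().__init__()
        self.hosts = []
    def handle_starttag(self, tag, attrs):
        url = urlsplit(dict(attrs).get("href") or "")
        if tag == "a" and url.scheme in ("http", "https") and url.hostname:
            self.hosts.append(url.hostname.lower())

def triage(raw, claimed_domain, now, max_age=timedelta(hours=24)):
    """Return a list of reasons the message looks suspicious (empty if none)."""
    msg = message_from_string(raw, policy=policy.default)
    part = msg.get_body(preferencelist=("html",))
    html = part.get_content() if part else ""
    findings = []
    if "unsubscribe" not in html.lower():
        findings.append("no unsubscribe link")
    links = LinkHosts()
    links.feed(html)
    for host in links.hosts:
        if host != claimed_domain and not host.endswith("." + claimed_domain):
            findings.append(f"link goes to {host}, not {claimed_domain}")
    age = now - msg["Date"].datetime  # Date header parsed by policy.default
    if age > max_age:
        findings.append(f"dated {age.days} days ago")
    return findings

if __name__ == "__main__":
    for reason in triage(SAMPLE, "cnn.example", datetime(2007, 1, 23, 9, tzinfo=timezone.utc)):
        print(reason)
```

An empty list does not mean a message is safe: as noted above, a sender can set the date to any value, and an unsubscribe link is trivial to add.
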
Phish sites can cripple your computer and leave our IT folks with hours
and hours of clean-up work. The best defense against malevolent email,
viruses, and unwanted programs has never been anti-malware software
alone; the best defense remains an educated and vigilant computer user.
Cybersurf safely!