3 Ways to Save Yourself After a Phishing Attack

Microsoft and Mozilla are exchanging heated jabs about whose browser is more secure, but your browser can only protect you so much from phishing attacks. Your own brain may be your best defense. Here are three common problems caused by phishing, and how to solve them.

By Bill Snyder
Mon, October 17, 2011

CIO — Figures don't lie, the old aphorism goes, but liars can figure. And after nearly 20 years covering technology, I've realized that you could update that saying to: Benchmarks don't lie, but liars can benchmark.

What brings this to mind is a nasty war of words between Microsoft and Mozilla, the publishers of Firefox, over whose browser is more secure. Both are pointing fingers at the other, claiming that their benchmarks really tell the tale.

I'm not saying any of these folks are actually lying, but they're using benchmarks and other statistics to prove a point they want to make and make themselves look as good as possible. My advice is to ignore the argument; the only people who really care about it are the people who work for one side or the other, and tech writers who love nothing more than conflict. As it happens, all three of the major browsers — Microsoft's Internet Explorer, Mozilla's Firefox and Google's Chrome — are more than secure enough for most consumers and businesses.

That's not to say you can forget about security on the Web. The browser is part of your defense, but a bigger part is your brain. That's right, the smart user who pays attention to what he or she sees on the screen is always safer, particularly against a very nasty tactic called "phishing."

By now you've probably heard of phishing. It's an email, or Tweet or Facebook message that appears to come from someone you know or an institution you do business with, like your bank or credit card company. It will contain a link that might do something as harmless, though annoying, as taking you to a site to look at advertising you don't want to see, or in the worst case, download malware onto your computer.

Browsers and your basic security software will detect many phishing attacks, but not all. So, I'll repeat what you should already know. If a message looks odd, look carefully at the address. If you see something from say Chase, that comes from chase@online.com (that came to me the other day), delete it. In fact, never click on a link in an email unless you know for sure who sent it.

Having said that, there are times when all of us let down our guard and get caught. Here are some of the most common problems that phishing can cause, and some solutions, courtesy of an industry coalition called the Anti Phishing Working Group.

Continue Reading

Our Commenting Policies