Phishing, according to Wikipedia, is “attempting to fraudulently acquire sensitive information by masquerading as a trustworthy business in an electronic communication.”

You may receive an email that looks like it came from your bank, or from eBay, or PayPal, or Amazon. They’ll tell you that your account has expired, or they suspect somebody has been trying to access your account fraudulently, or that they’re just verifying your information for security reasons, but if you don’t respond, they’ll have to “freeze” your account. They may even pose as the IRS.

Phishing scams are made up of two parts. The first part is called link manipulation. They try to make the email look like it came from the actual institution they’re impersonating. They will always include a link to a fake website. These links look like they go to the correct place, but there are technical tricks they can use to make it look like it’s going to one place while really going somewhere else.

The second part of the scam is called website forgery: the site you are sent to from the link in the email will look legitimate, but it isn’t. They may request that you “log in” with your real information, or to provide them with private financial information. What can be done? Part of the solution is technical. The people who make Internet Explorer, Safari, and Firefox regularly update them to close some of the technical loopholes exploited by the phishers. That’s why it’s important to make sure you are using the most recent version of your internet browser. A good spam filter for your email program will also go a long way towards eliminating many of the phishing emails before they even reach your inbox.

The best way to protect yourself is to know what to look for, and to be suspicious of any incoming email requesting that you divulge private information. There are some telltale signs to look for. Phishing email usually contains an urgent request for personal financial info. There’s almost always a link in the email. Do not use this link. If you want to contact your bank via the internet, open the browser yourself, and type in a known good internet address. You can also contact the company directly and ask them about the email.

Most phishing emails will not contain personal information. They may be addressed to “Dear Valued Customer,” for instance. In contrast, a real email from these institutions usually will contain personal information - perhaps your screen name, or the last four digits of your account. This isn’t foolproof, though. Just because personal information is present doesn’t make an email legitimate, but the lack of any personal information is a strong indicator that it is not.

What should you do if you think you’ve given information to a phishing scam? First, contact the institution concerned right away and let them know. Next, if possible, close the account and start a new one. Then be sure to monitor your bills and statements very closely for anything unusual.

Phishers are rotten, selfish, cowardly, and evil. The more educated and wary you are, the more difficult it is for these scammers to succeed.

Written by Larry Spinak.

Simply put it acts as a barrier between your computer and the internet. To protect you from crackers, hackers and malware.

If your running DSL or a cable modem you should employ a firewall, as having a direct connection to the Internet can make you a target to attack. Firewalls can be hardware or software based. With firewalls you set up ACL’s or Access Control lists to allow or deny traffic.

There are three different ways a firewall can block traffic.

1. Packet Filtering- Packets are analyzed against filters in the firewall rulesets. Firewalls will drop packets that are not allowed in the firewall rulesets.

2. Proxy Service- Information from the Internet is grabbed by the firewall and delivered to the requesting service thru the proxy.

3. Statefull packet inspection- looks up criteria against a database of trusted information. To see if the packet contains anything that would allow

or deny it into the network.

Firewalls are customizable allowing you to create your own rulesets you can block IP addresses, specific protocols such as Telnet, FTP, ICMP, UDP, SMTP and many others.

Firewalls can be customized to block specific ports, or even keywords.

There are many software firewalls availiable such as Tiny Firewall http://www.tinysoftware.com/home/tiny2?la=EN That is designed to keep hackers out of your network and block Spyware.

Zone Labs makes ZoneAlarm I like it bcause it has a simple interface allowing home users to configure it easily. http://www.zonelabs.com/store/content/home.jsp

For hardware firewalls there is:

Cisco www.cisco.com There brand is called PIX firewall.

From home users I like D-Link DI-604 this is a inexpensive firewall that works well. Best of all it fits into almost any budget.

Linksys (now part of Cisco) offers a router/firewall that supports VPN and DMZ. www.linksys.com

There are many hardware solutions including setting up a firewall on a *nix box. I like this the best as it gives you the firewall administrator the most control. I personally like OpenBSD for any security applications I would run with Unix, as it is secure. There have been very few exploits against this platform.

I will be writing more articles about firewalls shortly.

Written by Benjamin Hargis.

Firewalls

Computer viruses! Worms! E-mail viruses! Trojan Horses! The media is always full of stories about computer viruses infecting computers all over the world, or companies scrambling to fix security holes in their software by releasing security updates. What can businesses or individuals to protect their computer? Installing a firewall may be one answer.

The Importance of Having a Firewall

While the first computer viruses were transported from computer to computer by floppy disks, computer viruses today can cover the globe in the blink of an eye over the Internet. And they’ve probably made it to your computer. You have likely had to deal with the consequences of spyware and other malicious programs that had have crawled onto your computer while you were browsing the Internet. And as a consequences, you’ve probably spent hours and hours trying to get rid of all the spyware and other malicious programs that have taken up residence on your computer.

Even if you think your computer is virus free, you are probably wrong. That is why spyware and viruses are so dangerous; you could be using your computer with no idea that they’re there.

Firewalls Will Protect your Computer

A firewall puts a wall between your home network and the Internet. Just like a real firewall keep fire from spreading from one area to another, a software firewall tries to keep computer viruses from spreading from the Internet onto your home computer or home network.

The firewall itself is a piece of software that is usually run on your router or cable moden. By attaching itself to this hardware, the firewall is the first thing any incoming traffic from the Internet meets.

The firewall’s job is to act to filter all of the traffic from the Internet that comes onto your home network. Whenever a network packet tries to come onto your home network, it has to make it by the firewall first. The firewall will analyse the packet to make sure it isn’t a viruses or some other undesirable communication. If the firewall gives it the all clear, it will let the packet continue on its journey to your home network.

How does a Firewall Know what Traffic is Good?

The firewall will use user-defined parameters and automatic parameters to decide whether the traffic should be let through or labelled dangerous and blocked. As the user, you could configure the firewall to block all traffic coming from a specific IP address. Obviously, you won’t be able to do this for all the malicious sites on the Internet – this list would be far, far too long!

For this reason, the firewall will automatically screen incoming traffic to make sure it corresponds to the kind of traffic you would want to receive by running it through a set of predetermined parameters. For instance, the firewall will usually let traffic sent from a website through to your computer, but it will not let someone remotely login to your computer.

No matter what software or hardware you use, you will always be putting your computer at risk when you connect it to the Internet. You can limit this risk as much as possible, however, by using a firewall. A firewall will let you access all the wonderful resources of the Internet without staying awake all night worrying about your home network.

Written by Steve Dolan.