Wed 12 Mar 2008
On Your Guard Against Phishing? Not Sufficient!
Posted by Syd Tash under Security
Regular readers of my Tips and articles know my Number One Rule to avoid phishing scams. Never click on a link in an email or on a Web site to go to the site of your bank, broker, utility co., PayPal, eBay, government agency or the like.
If you want to go to such a site, you must type the address into your browser address bar, or click your shortcut or Favorites link. This way, you may avoid being served faked or look-alike sites that try to steal your login data, and then your cash. However, like most things on the Internet, this precaution is not foolproof, and the scammers have found several ways to get around it.
As you may know, when you enter the address of my site (http://MyPCSecurityBlog.com) into your address bar, your computer has to convert it to a string of numbers called the IP (Internet Protocol) address, before fetching the site for you. Every computer and every Web site has a unique IP address, to identify it on the Internet.
So your computer first goes to a large, powerful computer called a domain name server (a DNS server) to look up the “real” address. That is what happened when you entered my Web address just above. Why does the Internet work like this? Because MyPCSecurityBlog.com is easier to remember than a bunch of numbers!
So what is the problem? Well, criminals can sometimes break into these domain name servers and alter the listings. So when your computer requests the IP address of your bank, say, the server will provide your browser with the wrong IP address, and direct you to a fake, look-alike site.
This type of attack is not common, fortunately, but you need to be on your guard. It is often called pharming. You can protect yourself by looking for those two critical indicators we regularly mention: the “s” in https://… and the gold padlock on the upper or lower part of your screen. I have always said this is not foolproof, but every little bit helps.
Another thing that helps (a lot) is keeping all your security programs up to date, including Windows. Speaking of which, yesterday was Patch Tuesday. Go to the Microsoft Update site, and check that your computer has downloaded and installed the updates for the Office software.
There are other ways the hackers could send you to a spoofed site, such as altering your HOSTS file, if you have one. So be cautious as to which sites you visit.
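One way to check for the HOSTS-file tampering mentioned above is to audit the file for entries that override the sites you log in to. The Python script below is an added example, not part of the original post; the watch list, the sample file contents and the function names are assumptions made for illustration.

```python
import ipaddress
import sys

# Constructed sample HOSTS file contents (not from a real machine).
SAMPLE_HOSTS = """\
# sample hosts file
127.0.0.1       localhost
::1             localhost
0.0.0.0         ads.example.net                 # blocklist-style sinkhole
203.0.113.45    www.bank.example bank.example   # redirect of a login site
198.51.100.7    intranet.example.org
not-an-ip       broken.example.com
"""

# Assumed watch list: domains you log in to (edit to suit).
WATCHED = {"bank.example", "paypal.com", "ebay.com"}

def parse_hosts(text):
    """Yield (line_no, ip, hostname) for each valid mapping; skip comments and junk."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # malformed address: skip the line
        for name in fields[1:]:
            yield line_no, ip, name.lower().rstrip(".")

def is_watched(name, watched):
    """True if name is a watched domain or one of its subdomains."""
    return any(name == d or name.endswith("." + d) for d in watched)

def audit_hosts(text, watched=WATCHED):
    """Return (line_no, ip, hostname, verdict) for entries worth a look."""
    findings = []
    for line_no, ip, name in parse_hosts(text):
        if is_watched(name, watched):
            # Any local override of a login site bypasses DNS entirely.
            findings.append((line_no, str(ip), name, "watched"))
        elif not (ip.is_loopback or ip.is_unspecified):
            findings.append((line_no, str(ip), name, "review"))
    return findings

if __name__ == "__main__":
    # Pass a path (e.g. the system HOSTS file) or run on the sample.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_HOSTS
    for finding in audit_hosts(text):
        print(*finding, sep="\t")
```

On Windows the file to pass in is normally `C:\Windows\System32\drivers\etc\hosts`; a "watched" finding means a site you log in to is being resolved locally instead of through DNS.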
Syd Tash is a noted computer security consultant and author of How to Protect Your Computer Online. He has been keeping Internet surfers safe and secure since the last century. Find out how he does it; protect your own computer with five layers of protection right here:
=> http://MyPCSecuritySite.com
You may include these Tips in your Web sites and publications provided they remain unchanged and include the above paragraph, with the author’s name and Web site. You can also get a direct URL to this post. Click the title, then copy the URL in the browser address bar.