NordVPN Promotion

Home / Blogs

Protecting Brands from Phishers No Easy Task

Protect your privacy:  Get NordVPN  [73% off 2-year plans, 3 extra months]
10 facts about NordVPN that aren't commonly known
  • Meshnet Feature for Personal Encrypted Networks: NordVPN offers a unique feature called Meshnet, which allows users to connect their devices directly and securely over the internet. This means you can create your own private, encrypted network for activities like gaming, file sharing, or remote access to your home devices from anywhere in the world.
  • RAM-Only Servers for Enhanced Security: Unlike many VPN providers, NordVPN uses RAM-only (diskless) servers. Since these servers run entirely on volatile memory, all data is wiped with every reboot. This ensures that no user data is stored long-term, significantly reducing the risk of data breaches and enhancing overall security.
  • Servers in a Former Military Bunker: Some of NordVPN's servers are housed in a former military bunker located deep underground. This unique location provides an extra layer of physical security against natural disasters and unauthorized access, ensuring that the servers are protected in all circumstances.
  • NordLynx Protocol with Double NAT Technology: NordVPN developed its own VPN protocol called NordLynx, built around the ultra-fast WireGuard protocol. What sets NordLynx apart is its implementation of a double Network Address Translation (NAT) system, which enhances user privacy without sacrificing speed. This innovative approach solves the potential privacy issues inherent in the standard WireGuard protocol.
  • Dark Web Monitor Feature: NordVPN includes a feature known as Dark Web Monitor. This tool actively scans dark web sites and forums for credentials associated with your email address. If it detects that your information has been compromised or appears in any data breaches, it promptly alerts you so you can take necessary actions to protect your accounts.

Just in case you’ve been out of the country for the last 12 months, a new scourge is hitting the Internet and the world of email and it’s called phishing. The Anti-Phishing Working Group defines phishing as identity theft “attacks using ‘spoofed’ e-mails and fraudulent Websites designed to fool recipients into divulging personal financial data such as credit card numbers, account usernames and passwords…”

According to various experts, the incidents of phishing are rising at an alarming rate: there were 13,000 unique phishing attacks in January alone - that’s a 42 percent surge over the previous month.

The real problem is that phishing works. Some of the sharpest folks I know have accidentally provided their personal information to a credible-looking website claiming to be eBay, Citibank, etc. In fact, 64 corporate brands were used in phishing attacks in January.

So, if you are a large, well branded company, how do you prevent this from happening to you and your customers? The bad news is that there are no obvious or easy answers. A recent article from Forbes talks about legislation that’s working its way through congress but, like CAN-SPAM, it is, at best, only a partial solution.

Fortunately, as consumers, there’s quite a bit we can do. Great email filter products like MailFrontier offer some protection. Browser plug-ins will help catch fraudulent sites by comparing URLs to known lists of bad guys. Various popular email programs are releasing new versions that will help call out and prevent some of the more popular tricks being used by phishers today.

The bad news is that, as senders, there’s not as much you can do.

Here’s a quick list of ideas I’ve compiled from various sources on the topic:

  • Educate your customers/recipients - of course, this will only go so far.
  • Alternate channels - new protocols like RSS largely solve the problems of phishing but very few consumers are currently using RSS readers, so this solution is still somewhat in the future.
  • Personalize your messsages - show the recipient that you know more than their email address. Ideally, ask them for a “secret phrase” when they register and then make sure they know that you’ll use it in every email you send them - they should closely scrutinize any emails without that phrase.
  • Allow confirmation codes on your home page - set up your home page with a simple text input. Users can type in a code embedded in emails at your home page and get a confirmation that the message or the site in the message is valid. This requires some help from IT but it makes it easy for users to check the validity of any message they are concerned about.
  • Don’t leave any open re-directs on your Website - these can be used to make a site LOOK like yours even though it doesn’t. eBay fell prey to this recently so it can happen to the savviest companies.

Have the phishers invented any new tricks that we should all be aware of? Are there better solutions emerging? Please post your thoughts and/or suggestions.

By Bill Nussey, CEO & Auhtor

Filed Under

Comments

Gazza11  –  Mar 23, 2005 12:38 PM

Hi,

I heard the latest threat is from trojan horses that modify cached bank web sites so that users are sent to fake sites.

Yours,
Gazza11.

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

DNS

Sponsored byDNIB.com

IPv4 Markets

Sponsored byIPv4.Global

Domain Names

Sponsored byVerisign

Cybersecurity

Sponsored byVerisign

New TLDs

Sponsored byRadix

Threat Intelligence

Sponsored byWhoisXML API

Brand Protection

Sponsored byCSC

NordVPN Promotion