A client of ours received an email warning her that someone had used her Apple ID to download an app:
This email did not come from Apple. This is a fake email, known as a phishing email, and they’re trying to bait the recipient into clicking on the links in the message. The message tries to trick the recipient into thinking their Apple account has been compromised, when in fact, the message itself, is attempting to do just that.
The links do not lead to Apple’s website. Instead, the links lead to a malicious website:
This is the first place your Web Browser makes a difference.
If you use Internet Explorer and click that link, it does nothing to stop it (and that’s with Smart Filter protection enabled).
If you use Firefox, it detects it is a malicious link:
If you use Chrome, it detects it is a malicious link:
By no means should you rely on your browser as your sole point of Web security, but you can see how Internet Explorer compares to Firefox and Chrome when it comes to ‘safe browsing’.
Next, you get to see how well your antivirus holds-up. For you Microsoft Security Essentials users out there, it does nothing to detect, nor prevent this phishing attack. If you’re utilizing ESET NOD32, you’re in better shape:
The Computer Peeps recommend a layered approach to Web Security, including OpenDNS Web Filter, Firefox w/ NoScript, AdBlock Plus, and Public Fox, as well as logging-in to your system as a non-admin + utilizing ESET NOD32 Antivirus (or one of the top performing antivirus solutions).
The takeaways from this post:
- Be cautious and aware of emails that are trying to get you ‘riled up’, so you click on something without thinking.
- Utilize an email service that does a good job of filtering out fake/fraudulent emails – e.g. Gmail/Google Apps for Business.
- Switch to Firefox or Chrome.
- Utilize a proper antivirus solution, such as ESET NOD32 Antivirus.
- Do NOT use Microsoft Security Essentials.
- Utilize a Web Filter, such as OpenDNS.
- For daily-use, do not log in to your computer as an administrator.
If you have any questions, don’t hesitate to comment below or give us a buzz!