Spoofing is why you have to do everything on the Intenet slowly.
Welcome to Cyber Security Today. It’s Monday Oct. 8th. Happy Thanksgiving Day to Canadian listeners.
It’s Cyber Security Awareness Month, so I’m peppering my podcasts with advice for ordinary Internet users.
Today I want to talk about spoofing because of a funny email I got. Spoofing is a technique used by bad guys to impersonate an Internet Web site address of a company or email address of a person. You might think that link in an email that says “twitter.com/johnsmith” is legit. Or the link to a company site looks fine. Hackers know several ways to trick you. The easiest is to mis-spell a person’s name of someone you know. So you think an email has come from your boss or cousin named “JenSmyth [@] something.com”. Look closer and it’s really from “JanSmyth.” You missed that the “e” had been switched to an “a”. That’s why it’s so important with email, text messages or social media to read slowly. Make sure you’re confident in who is sending you every message. If you want to be really sure, there’s a way to display the headers in an email message. So there’s something wrong if “JenSymth” is really “[email protected]”
And then be careful of the links inside the message. Think someone is helpfully sending you a link to the BBC news site? Look closely: The link says “bbcnew.” NOT “bbcnews.” (which, by the way, isn’t the real site anyway). Or, instead of a site ending in “dot-com” it ends it “dot.cm.” It’s easy to miss when you read quickly. That’s why it’s so important before you click to move your mouse over every link, then look at the bottom right of your browser. That’s the real address. And if someone sends a link that’s been shortened so you can’t read the real link, be very suspicious. You also need to be careful when typing a web site address in a browser. Criminals hope you make a spelling mistake if you go to a popular site. They’ve already got a fake one set up, with malware, waiting for that error.
So remember: Everything on the Internet is fast – except you.
That’s it for Cyber Security Today. Subscribe on Apple Podcasts, Google Play, or add us to your Alexa Flash Briefing. Thanks for listening. I’m Howard Solomon.