Be On Guard!
Certainly understanding how these attacks come and in what forms they come in is a first step in your defenses. However, another crucial step to protecting yourself is having the technology in place to care for things that might go by undetected. Make sure your browser contains at the minimum these safety features.
Is the website that you are looking at really your bank's website? With URL highlighting, the website address that you are really looking at is colored in the address bar. It’s very easy to determine the actual domain name you’re looking at and verify the identity of the website.
A filter like this works in conjunction with a database of known phishing websites. If you click on one of these web sites, a warning appears (Figure 1). Internet Explorer 8 uses a SmartScreen Filter that blocks malicious sites, rogue downloads, portions of sites, and more. When a thread is identified, you're presented with a message with a list of options to safely proceed. This can also be administered by Group Policy on large networks with a customizable list of safe options.
Where Does Internet Explorer 8 Rank?
Internet Explorer 8 (IE8), which is part of Windows 7, contains these and many more advanced security features.
Computer World reports that IE8 did the best job of fending off attacks from 492 malware-distributing websites, blocking 69 percent of attacks.
IE8 RC: 69%
Firefox 3.0.7: 30%
Safari 3.2: 24%
Chrome 1.0.154: 16%
Opera 9.64: 5%
You can read more on this comparison at http://www.maximumpc.com/article/news/ie8_best_stopping_socialengineering_malware_test_reports.
One other area to look out for social engineering is in instant messaging. Due to its explosion in popularity, IM is now becoming a favorite tool for online thieves. Microsoft has published 10 tips for safe instant messaging to alert IM users to potential dangers:
There might be no way for us to prevent social engineering entirely, but we can all take advantage of technology and education to minimize the threat of such attacks.