crime

Record 2.9 million people led to fake websites through phishing

8 Comments

The requested article has expired, and is no longer available. Any related articles, and user comments are shown below.

© KYODO

©2018 GPlusMedia Inc.

8 Comments
Login to comment

This is really not surprising, well actually it is, I though it would be a hell of a lot more.

It's just an extension of the "bubble" that far too many folks around this country live in. Somehow they are immune from any problems, and they have the "heiwa-boke" syndrome as well.

3 ( +4 / -1 )

I’ve received quite a few of these kinds of emails over the last few months. There were a couple of good ones claiming to be from Apple threatening to close my App Store account if I didn’t confirm my details. They were quite convincingly formatted, but there are always a few mistakes. All you need do is to check the sender’s email address. They are always fake and sometimes obscure. One would think that, after 30 odd years of the internet people would start to learn not to respond to ‘click bait’ and give out their personal details.

5 ( +6 / -1 )

Seems like a low number. A problem most certainly not limited to Japan.

4 ( +5 / -1 )

Check the email of the sender.

Google the email title, you'll often find out about a scam this way.

Never give personal details online, legit companies do not email/phone you to ask you for security or personal details.

3 ( +3 / -0 )

Why every 5 minutes I am told to upload my info to iCloud, which I don’t use or want or understand?

-1 ( +2 / -3 )

Why every 5 minutes I am told to upload my info to iCloud, which I don’t use or want or understand?

When you say, "I dont use or want or understand" you, like so many others, are prime targets, because of your not wanting to "understand" With understanding you learn how to stop them.

If you think about it a moment, it's because is even 1% of the people answer, these scammers have the potential to make some serious money, and it's people making the choice to stay uninformed that gives them an edge.

The only way to totally avoid them is take yourself off the internet.

1 ( +2 / -1 )

Lots of email clients hide the full TO/FROM addresses in an effort to make things easier. HRC thought her email address wasn't available because it always showed up as just "H" on all her aide's devices. She isn't unusual.

Every email MUST have email addresses that the servers along the way can see. Also, the entire path of different email servers used to send any email is in the headers for anyone to see. But you have to look at the "full headers".

The FROM address can be anything. It isn't validated or verified. Only the first outbound server gets to decide if the FROM is important or not. People use god@heaven.org for funny emails all-the-time. After all, God wouldn't have a .com address, right?

Spam filters seem to do a fairly good job these days. It really is pretty amazing. About once a month, a spam email gets to one of my normal email addresses. Then I look at the headers and it is clear.

The links are almost always to some small wordpress sight that has been hacked for months or years. The company running the website put it up years ago, then fired the "computer guy" and it hasn't been patched all this time. The hosting company won't take it down, since they are getting $20/month for hosting it. Multiply that times 3,000 and you have an average small hosting company. It is possible to put 3,000 websites onto a single server, BTW. The company just wants their $20/month and not to be bothered with "security" stuff from customers. There is little (zero) incentive to patch or secure anything, so the phishing webpages remain.

BTW, I've been running email servers professionally for over 20 yrs. I have a few rules for online security.

Always use different email addresses for financial, social, online buying, work, personal, needs. NEVER mix those. Your social email address should never be used at a bank or for online purchases.

Never tie your cell phone to any online account. It is "a thing" to steal someone's cell number and empty their accounts using it.

Never use SMS for extra authentication. It would violate the rule above. Brian Krebs saays "Although SMS is not as secure as other forms of 2FA, it is probably better than nothing. " Sometimes vendors don't give us much choice.

Always use fake names when online. Never tell the truth.

Always use different account names, random is best, online.

Never use the same password in 2 places. A password manager like KeePass (or KeePassCX) are good solutions. You'll never actually need to know the password to most websites or emails.

Security questions - always lie, best to use random answers that make no sense at all.

If there is money involved, go random. Random username, random password, random answers to security questions. I couldn't tell you the login to my brokerage accounts or banking accounts. I don't know them.

use a U2F device on accounts that support it for 2-factor authentication. These devices run US$10-$50. Look for "Fido Alliance" for the quality versions. Yubikey is the leading vendor, but there are others. Google has a device for US$50 that they claim has prevented their employees from being phished when accessing google accounts and other u2f compatible accounts online. Most of the large cloud services support u2f now.
2 ( +4 / -2 )

@Goodlucktoyou - Why every 5 minutes I am told to upload my info to iCloud, which I don’t use or want or understand?

A smart phone or smart technology is only as smart as the persons using them. With so many brain lazy people refusing to update their education of technology from the 80’s I am in no way surprised so many fools get phished. My mother is in her early 80’s and can recognize ‘click bait for losers’. “A fool and his money (or personal details) are easily parted’

1 ( +2 / -1 )

Login to leave a comment

Facebook users

Use your Facebook account to login or register with JapanToday. By doing so, you will also receive an email inviting you to receive our news alerts.

Facebook Connect

Login with your JapanToday account

User registration

Articles, Offers & Useful Resources

A mix of what's trending on our other sites