While Macs are relatively free of viruses and spyware and malware in general there is one area that isn’t as secure as you may think. That area is identity protection. And one way criminals steal your information is from phishing.
Phishing is where you get an email from a company that you may have an account with i.e. your bank, Amazon.com, or Pay Pal, and they ask for you to click on a link to go to their website and confirm your log-in or credit information. Once you click on the link and go to a legitimate looking web site and enter your information, the criminals take your information and sell it or utilize it for fraudulent purposes.
There was a story this week that the Chief security officer of Pay-Pal recommended against using the Safari browser for online transactions. His reasoning is that Safari has no built-in phishing filter to warn users when they are visiting suspicious Web sites, and Safari’s lack of support for another anti-phishing technology, called Extended Validation (EV) certificates. Whereas the Firefox and Opera browsers on the Mac do have these features.
So how do you protect yourself from phishing? By far the simplest and 100 per cent secure way, is to never click on a link to a site from an unsolicited e-mail. Below is an example of a bogus email from supposedly Pay-Pal.
Notice that the reply to: address is not anything like Pay-Pal and that by rolling over the Resolution link we can see that it links to paypal-secure-login.com which is a bogus site. Just because the URL contains the phrase paypal doesn’t mean it goes to Pay-Pal.
If you do receive an e-mail that you think is legitimate, don’t click on a link, go to your web browser and manually type in the correct URL for the company that the e-mail is supposedly from. In the case of Pay-Pal, that URL is http://www.paypal.com/ . If you don’t know the URL for the company, like your bank, you can always call them on the telephone to resolve any legitimate issues.
The best advice is to be suspicious of all unsolicited e-mail.