Anatomy of a Phishing Email

Phishing is a popular method of social engineering employed by scammers. A scammer posing as someone else uses a popular communication medium such as email or telephone to contact a victim and request confidential information. This information is used for purposes such as withdrawing money illegally from the victim’s account or even identity theft.

Identifying a phishing email is easy if you keep in mind certain basic fine points. I will be explaining these points with the help of an old phishing mail that circulated around 2007.


1. Generic Salutation – Phishing emails usually begin with ‘Dear User’ or ‘Dear sir/madam’ rather than the specific salutation used in legitimate important mails.

2. Time frame – Usually, a sense of urgency is portrayed in phishing emails in order to make the victim anxious so that he acts in haste.

3. Threat – A threat is generally associated with the time frame so that as mentioned above, the victim is forced to act in haste. Usual threats include cancellation of accounts, charging of credit cards etc.

4. Suspicious links/Request for confidential information – While some phishing mails ask the victim to reply with certain information such as credit card numbers or PIN, others provide a web page where the victim can enter this information.

If the email asks you to reply with your password or any other sort of confidential information, you can be absolutely sure that it is a phishing mail. No company will ever ask you to send your password or credit card number by email.

In the case of an email with links, check whether each link points to the location it claims to. Phishers usually use link text that looks like a URL but is linked to a phishing page. For example, it will look like, but it will be pointing to some other webpage. If you hover your mouse over the link, your browser will display the actual hyperlink.


You can also use a link scanner extension with your browser for extra security. I use the link scanner from Virus Total called VTChromizer. You just have to right click the link and select ‘Scan with Virus Total’. You can also use scanners from AVG, McAfee etc.

5. Poor language – Most probably, the authors of phishing emails are not people you could describe as masters of the English language. So, there might be grammatical, punctuation and spelling mistakes. Although not every phishing email will have mistakes, most of the ones that I have seen were not perfect on the language side.

Another equally important way to fight phishing is to make sure that the email came from the right source. If you get an email from Amazon, check whether it came from something like rather than something like [email protected]
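The link check from point 4 and the sender check above can both be automated. This is an added example, not part of the original article; the sample message, the `bank.example` names in it and the `expected_domain` parameter are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample: every name and address below is made up for this example.
SAMPLE = """\
From: "Bank Support" <security@bank-example.invalid>
Subject: Your account will be suspended
Content-Type: text/html; charset="utf-8"

<p>Dear User,</p>
<p>Confirm your details within 24 hours at
<a href="http://203.0.113.7/login">www.bank.example/login</a>
or read the <a href="https://www.bank.example/help">help page</a>.</p>
"""

# Link text that itself looks like a web address (with or without a scheme).
URL_LIKE = re.compile(r"^(?:https?://)?(?:[a-z0-9-]+\.)+[a-z]{2,}(?:[/:?#]\S*)?$", re.I)

def host_of(text):
    """Lower-case host of a URL or URL-looking string, without a leading 'www.'."""
    text = text.strip()
    host = (urlsplit(text if "://" in text else "http://" + text).hostname or "").lower()
    return host[4:] if host.startswith("www.") else host

def same_site(host, domain):
    """True if host is the domain itself or one of its subdomains."""
    return host == domain or host.endswith("." + domain)

class LinkCollector(HTMLParser):
    """Collects (visible text, href) for every <a> element in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self.link_href, self.link_text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.link_href, self.link_text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self.link_href is not None:
            self.link_text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self.link_href is not None:
            self.links.append(("".join(self.link_text).strip(), self.link_href))
            self.link_href = None

def check_message(raw, expected_domain):
    """Return findings for one raw message; expected_domain is supplied by the caller."""
    msg = message_from_string(raw)
    findings = []
    sender_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    if not same_site(sender_domain, expected_domain):
        findings.append(f"sender domain {sender_domain!r} is not {expected_domain!r}")
    collector = LinkCollector()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            collector.feed(part.get_payload(decode=True).decode("utf-8", "replace"))
    for text, href in collector.links:
        target = host_of(href)
        if URL_LIKE.match(text) and not same_site(target, host_of(text)):
            findings.append(f"link text {text!r} points to {target!r}")
    return findings
```

Calling `check_message(SAMPLE, "bank.example")` reports the sender domain and the first link; the second link is not flagged because its visible text does not claim to be an address.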

All of today’s major email providers have spam filters that will detect phishing mails, and all major browsers have anti-phishing features, such as the ‘Smart Screen’ for IE9, which can effectively protect you from phishing attempts. And now, with these simple tips, you can hopefully detect those one or two phishing mails that sneak into your inbox.

The Layman’s Guide to Computer Security

With a world full of malware, identity thieves and hackers, securing your computer properly is of utmost importance. But unfortunately, most of us do not think further than installing security software. Mostly it is only after you get infected or hacked that you realize you have done too little. But it would be too late by then.

The truth is, by following some very simple practices, you can easily minimize the chances of being infected. Here’s a rundown of some basic tips to secure your computer.

Install reputed Anti-virus software

You should make it a habit to install anti-virus (AV) software right after you install your OS. There is free antivirus as well as paid security software. If you are ready to shell out a few bucks, you can go for paid solutions. But the free ones work just fine. When you buy or download security software, make sure that it is a reputed one. A simple Google search can give you an idea of whether the software is good or not. There are lots of fake AVs doing the rounds and you don’t want to end up getting one of those. So this is an important step before getting a security suite.

Some examples of paid security software are Norton, NOD32 and Vipre. Free ones include AVG, Avast and Microsoft Security Essentials.

As I mentioned before, just having the anti-virus installed is not enough. You have to use it wisely. And by using it wisely, I mean turning on the real-time protection, updating the AV and scanning your PC at regular intervals. The real-time protection mechanism monitors your PC all the time and will warn you if there is any suspicious activity. Almost all major AV software has this feature.

Malware of different types is being released to the internet every minute, and running an out-dated anti-virus makes your PC more susceptible to that malware. A common trend nowadays is that people keep using the trial versions of paid security suites that come pre-installed even after the trial has expired. Do not do that. Once the trial has expired, you won’t be getting updates, and your AV will be of no use unless you have the latest updates. So pay to get the full version of that software or else choose a free one to get those valuable definition updates. Remember! Updates are the spirit of your AV.

Do a system scan once in a while. A full scan every week would suffice. Most modern AVs allow you to schedule regular scans and automatic updates so that they require minimum intervention from the end user.

Update the OS and all other installed software

While trying to break into a PC, it’s not just the vulnerabilities in Windows that the hackers take advantage of. Vulnerabilities in third party software are also an important issue. So make sure that all of the programs that you have installed are fully updated and not just your OS or security software.

Use a strong and unpredictable password

Your password is the key to your data and it is extremely important that you use a strong password. Here are some tips on creating a strong password.

  • Your password should have more than 8 characters.
  • Use a password that is not easily predictable. People tend to use passwords that are related to them such as their own names, dates of birth, favorite quotes etc. A hacker who stalks their victim’s social networking accounts such as Facebook can find this kind of information very easily. So it is very important that you use an unrelated word, preferably a non-dictionary word, as your password.
  • Try to include upper case letters, lower case letters, numbers and special characters to strengthen your password.
  • Do not use a single password for all your accounts. If you use a single password and your account gets hacked, your other accounts are also compromised.

Practice safe browsing habits

Bad browsing habits are one of the major sources of malware infection. Always be wary of things that you download from the internet. Even if you download something from a trusted source, scan it before opening or executing the file. Do not download pirated software or media as there’s a big probability that they might be infected with malware.

Use your browser’s security features such as the smart screen and phishing filter while browsing. All of the major browsers such as IE, Firefox and Chrome come with these features.

While using social networks, be careful about whom you befriend and how much data you want to share with them. For more on Facebook security, check out this guide.

Backup your data

Even if you are following the above practices, it is better to have a backup plan. The best method is to back up your data to an external hard drive. There is lots of software that will do this for you. Using Windows’ built-in tools, you can either do a full PC backup or choose which data you want to back up. These settings can be found in the Backup and Restore Center in Windows 7 and Vista (just type backup in the start menu and press enter to open the Backup and Restore Center). You can also use paid software like Acronis True Image or Norton Ghost if you need more features.

Whether you use a paid solution or the native Windows tool, make it a habit to back up important documents and media so that even if your system gets infected or corrupted, you don’t lose your important data.

You can also use websites to back up your data to the cloud. We have covered several services which allow users to back up files for free online; you will find most of them in our Online Storage section.

With the help of security software and by using our very precious common sense, we can easily reduce the chance of getting infected up to a great extent.

So stay safe and happy browsing!

Beware of the Fake System Tool


The other day, I spotted a warning at the Microsoft Malware Protection Center. They presented some great information about a piece of malware called Winwebsec, which is more commonly seen as “System Tool”. Apparently it’s popping up more often now, so I decided to put out a warning to our readers.

I’ve actually run into this one before, while fixing some of my friends and family’s computers. It wasn’t much trouble to get rid of at the time, but I’ve read that some of the newer versions are more difficult to remove.

An infected computer will start getting fake warnings like the one shown here. These warnings are very realistic. Their purpose is to try to fool you into buying some more fake software that will make things even worse for you.


I looked around and I found one or two good articles that tell you how to remove the fake System Tool, but I decided to put together my own little guide. Below you’ll find a slideshow that I’ve put together. It will give you a better idea of what to look for and some suggestions on how to remove this Fake System Tool.

If you can’t see the slideshow here, you can view it at Google. For those interested, here are some cool technical details about this infectious fake.

CARBERP – a New Browser Trojan to Worry About

How would you feel about a computer infection that could lie to your bank about your online transactions? What would happen if details such as who you are paying and how much, could be changed without you knowing it?

That’s exactly what can happen with the current crop of transactional trojans. This is called screen injection, HTML overlay or the man-in-the-browser attack.

This type of infection can spy on you while you are online at many banking sites. ATM PINs, social security numbers and answers to secret questions are the types of information that will be stolen.

Previously, we’ve written about the Zeus trojan, which is the current king of the transactional trojans. Zeus used some very unique command-and-control interfaces that actually fooled security experts into giving up information. The Zeus trojan was also used to infect hundreds of U.S. Government employees when they opened a fake Christmas Card email from the White House.

If that’s not scary enough, there are more trojans out there that are being bred to compete with Zeus. According to TrustDefender, a well known security provider, a trojan named Carberp has recently added a whole slew of new features. These new features are intended to make it just as useful to black hats as Zeus. Here are some of the features:

  • It can run on non-administrator accounts.
  • It can infect XP, Vista and Seven machines.
  • It doesn’t make changes to the Windows registry.
  • It hooks into the web browser to control all internet traffic.
  • It’s able to transmit real-time data to its masters.

It also covers its identity by appending random data into itself to foil normal anti-virus detection. The fact that it can run in non-admin mode and doesn’t write to the registry also makes it harder to detect. To most security software, Carberp could appear to be a simple browser add-on or extension.

The older Zeus trojan hasn’t been improved recently, and it looks like there’s a battle brewing that will decide the next popular trojan. Carberp is in the running with two or three others, such as SpyEye and Gozi.

It’s a rat race, with security experts always trying to build a better trap for the fast rats that keep breeding even faster rats. The security field profits from this race and so do the hackers.

We are the big losers.

Completely Repair Windows XP Without Losing Files

Four years ago, when Windows XP was still king, and Vista was only a jester, I ran into an article by Fred Langa, which told me how to fix XP without losing personal files. I’ve been using this fix ever since to repair computers that have been crippled by spyware and trojans.

There’s one requirement that is a show stopper. You must have an official Windows XP installation CD. Sometimes computers either don’t come with one, or they come with a Restore CD from the manufacturer. The Restore CD may not work, or it may work differently.

If you don’t have an official Windows XP CD, you might be able to borrow one from a friend, but you’d better have the Product Key from your PC. It should be listed on a label which was placed somewhere on your computer. If you can’t find your Product Key, there are a few ways to recover the Key.

Another way to get an official CD is to buy one. A few years ago, I bought two copies of Windows XP from Just be sure to get your copy from a trusted seller.


Assuming you have a valid Windows installation CD, here are the steps to fix Windows XP. This should be done only if you have no other options to fix it. There are no guarantees that it will always work.

1. Insert the Windows Install CD and reboot.

Are Flash Cookies and Zombie Cookies Violating Your Privacy?

It’s bad enough that we get hit with tons of third party browser cookies that can track our surfing habits. Now we have to worry about Flash cookies and even worse, Zombie cookies. So what are these new cookies?

Almost every computer that accesses the web now has Adobe Flash installed on it. In case you didn’t know, the Flash program stores its own cookies that your web browser has absolutely no control over. Are these Flash cookies bad for us? Yes, they can store all kinds of private information that can be passed to almost any website that uses them. A typical browser cookie is only 4k in size, while a Flash cookie can be up to 100k. That’s more room for information that you may not want to share.

In addition to being more difficult to control, the Flash cookies are now also resurrecting browser cookies that you may have intentionally blocked or removed. These resurrected cookies are known as Zombie cookies. I found out about this from Woody at Windows Secrets newsletter. Once I found out, I decided to look around for ways to get some control over these rogue Flash cookies. Here’s what I’ve found so far.

Adobe Flash has privacy settings that you can adjust by going to their website.

I’ll be honest with you – I really don’t understand many of these settings, but I have used them a few times. I just don’t know how much good it’s done me. Here are some sample screen shots of my settings.

There are settings in each of the 8 tabs there. All I can recommend is that you review the settings and be sure that most of them ask your permission for unusual requests such as webcam access.

Another way to control and remove Flash cookies is to use this freeware program I’ve found called FlashCookiesView.


This program is available as a zip file and is completely portable. Just unpack it into a folder and execute the program when you need it. FlashCookiesView allows you to see all of the Flash cookies, view the contents of the cookies, and to delete any of them you wish.

Get Nirsoft’s FlashCookiesView

More Information:

• Firefox users can delete Flash cookies with BetterPrivacy
• Here is a Chrome extension which also allows Flash cookie removal: Click & Clean
• Here is more security information on Flash cookies
• You can delete Flash cookies manually by going to the storage locations listed here
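Flash cookies are ordinary `.sol` files on disk, so the inventory and per-site clean-up that a viewer tool performs can be scripted. This is an added example, not code from the original post or from any of the tools named above; the folder locations are the standard Flash Player shared-object folders (they are not taken from this page), and the function names are made up for the example.

```python
import os
from collections import defaultdict
from pathlib import Path

def default_roots():
    """Flash Player shared-object folders that exist for the current user."""
    home = Path.home()
    candidates = [
        home / ".macromedia" / "Flash_Player" / "#SharedObjects",  # Linux
        home / "Library" / "Preferences" / "Macromedia" / "Flash Player" / "#SharedObjects",  # macOS
    ]
    if os.environ.get("APPDATA"):  # Windows
        candidates.append(Path(os.environ["APPDATA"]) / "Macromedia" / "Flash Player" / "#SharedObjects")
    return [c for c in candidates if c.is_dir()]

def list_flash_cookies(root):
    """Return (site, relative path, size in bytes) for each .sol file under root."""
    root = Path(root)
    cookies = []
    for sol in sorted(root.rglob("*.sol")):
        rel = sol.relative_to(root)
        # Layout: <random folder>/<site>/[sub-path/]<name>.sol
        site = rel.parts[1] if len(rel.parts) >= 3 else "(unknown)"
        cookies.append((site, rel.as_posix(), sol.stat().st_size))
    return cookies

def totals_by_site(cookies):
    """Map each site to (number of cookies, total bytes stored)."""
    totals = defaultdict(lambda: [0, 0])
    for site, _, size in cookies:
        totals[site][0] += 1
        totals[site][1] += size
    return {site: tuple(counts) for site, counts in totals.items()}

def delete_site(root, site):
    """Delete every Flash cookie stored for one site; return how many were removed."""
    removed = 0
    for found_site, rel, _ in list_flash_cookies(root):
        if found_site == site:
            (Path(root) / rel).unlink()
            removed += 1
    return removed

if __name__ == "__main__":
    # Report only; call delete_site() yourself for sites you want cleared.
    for root in default_roots():
        for site, (count, size) in sorted(totals_by_site(list_flash_cookies(root)).items()):
            print(f"{site}: {count} cookie(s), {size} bytes")
```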

Now you know as much as I do. If you have your own tips on controlling Flash cookies or any other Windows security issues, be sure to comment below or email me.

FamilyShield Blocks Phishing, Malware and Adult Websites

A few weeks ago, a good friend of our family posted a question to me in Facebook.

How can I block adult content on my kid’s computer?

Fortunately, I already knew about several methods, but I wanted to give them something free and easy to use. I pointed them to the free OpenDNS service.

Why OpenDNS?

There’s no software to download and it’s always up to date with the latest information on what websites need to be blocked. It also works on Windows, Mac, Linux or almost any operating system.

To use the free OpenDNS Basic service, you will have to register an email address to be able to change the settings that control what types of web content you wish to block. However, OpenDNS is now offering a new service, called FamilyShield, which doesn’t require registration and is even easier to set up.

What does FamilyShield block?

• Adult websites that are unsuitable for kids
• Proxy and anonymizer sites commonly used by savvy kids to bypass traditional Web filters
• Phishing sites that aim to trick you into handing over personal or financial information
• Some virus-spreading malware websites

How does FamilyShield work?

To tell you how it works, I’m going to use one of the 650+ free wallpapers from VladStudio.

Image: How the Internet Works by VladStudio:


When you are using FamilyShield or any other OpenDNS service, you are telling your PC to use OpenDNS as your default DNS server. Do you see the owl in the third frame of the picture? The DNS server (the owl) tells your computer the real address (IP address) of all the websites that your computer tries to access.

OpenDNS is a smart owl. If you ask it for the IP address of a website that contains something bad, OpenDNS won’t give you the address and you won’t be able to access the bad website. If you set up FamilyShield on your home network router, all the devices in your home are protected from the bad stuff out there.

Below, I’ll show you the typical FamilyShield setup for protecting your home.

1. Sign in with an email address or skip it by clicking the link labeled continue. They don’t require your email address.


2. Choose to set up FamilyShield on a single PC or on your home network (router).


3. If you choose router, you can find specific instructions for the most popular router models.


4. Below you can see the instructions for a Linksys router.


5. Once you have the router set up, you can test to see if FamilyShield is working by using the Test your new settings link at the top of the instruction page.


That’s it. No software needed and your PC or your home network is protected. Your kids and you will be much safer using the FamilyShield from OpenDNS.

Techie Buzz Verdict:

I can’t tell enough people about this awesome free service. If you are reading this, you should tell all of your friends. It’s not a replacement for knowing what your kids are doing on the PC, but it’s an easy way to help protect them.


Fake Antivirus Sites Target Windows 7 Users

The folks who write malware and viruses are not just smart at writing them; they are also very smart at camouflaging their work so that unsuspecting users are easily fooled into believing that they are actually doing something legitimate.

Much malware thrives on SEO poisoning for popular search terms. Its authors make use of the fast indexing capabilities of Google to get indexed for popular search terms, especially "sex scandals" and "sex videos".

A recent analysis from the folks at Sophos Labs, uncovered several URLs which made it to Google through blackhat SEO, however, the more interesting finding was that, malware and virus writers have now started to generate spoof screens which look similar to .

Fake Antivirus Windows 7 Security Popup

When users visit sites which host such malware, they will come across an interface which is similar to Windows 7, with a popup which looks exactly like the security center popup for Windows 7. Furthermore, the malware site also displays fake antivirus scan results which show the user that there are several viruses installed on the PC.

Fake Antivirus Scan on Windows 7

It is easy to get fooled because this fake antivirus looks so similar to Windows 7; however, users should know that they are using a web browser, and such scans are not carried out by Microsoft in the web browser.

Though the looks may be deceiving, you should not click on any security related or free antivirus scans on a web browser. Additionally, many modern browsers are smart enough to block such malware sites, so make sure to keep your browser upgraded to the latest version.

You might also want to check on some tips we had written earlier to keep yourself safe on the internet.