Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Inside OS X Security: Page 3 of 11

The same thing goes for phishing. If you click on a link and give someone at random your credit card numbers, Social Security, tax ID, or government ID number, there's nothing the operating system can do to stop them from using that information in a way you don't like. Remember: No operating system in the world can stop someone determined to do something silly.

The solution here is simple: Don't do that. Don't enter financial or personal data on because "eBay" says your account is messed up, or someone is waiting for payment on something you didn't bid on.

I get tons of those a week, and I just delete them. If you don't have an Amazon account, then how can your Amazon account be messed up? What you can do is, where possible, report phishing attempts to the organization that the phisher is attempting to spoof. For example, eBay's contact point for such things is [email protected], Amazon's contact is https://www.amazon.com/gp/help/contact-us/report-phishing.html. Both sites have excellent help topics on phishing via the "help" URLs on their respective Web sites to help you learn more about their respective policies. Any organization you do business with should be able to provide you with the same information.

As far as other social engineering, again, some basic common sense works. If "Bob" in IT needs your user ID and password, first, make sure there actually is a "Bob" in IT. Then contact your security person or liaison and make sure that kind of thing is correct behavior.

If your security people don't know that this is happening, they can't do much about it. If all of this seems fairly obvious, well, it is. Not getting phished or engineered is actually easier because you have less to do to avoid it; don't provide the information. Also note there isn't an antivirus or anti-anything around that is able to stop you from giving personal information to people who shouldn't have it.

2
Trojan Horses