Bank of America or what?
November 20th, 2010 by David Bradley
It’s almost 20 years since Berners-Lee and colleagues made the first web connection between computers (Xmas Day 1990), and to celebrate, Google just released an ebook explaining everything you ever wanted to know about the web (cloud, HTML5, security, phishing, etc.) at http://www.20thingsilearned.com/
It covers a lot of ground succinctly and precisely and should serve as a good starting point for curious n00bs as well as a refresher for old hacks. On page 46, there’s an interesting summary explaining how to spot a phishing site.
LEGITIMATE:
www.bankofamerica.com is a legitimate URL, since the hostname is correct.
www.bankofamerica.com/smallbusiness is also a legitimate URL since the hostname is correct; it just points to a sub-folder, directory or page.
SUSPICIOUS:
bankofamerica.xyz.com is not Bank of America’s website. This “bankofamerica” would be a subdomain of the website xyz.com.
www.xyz.com/bankofamerica is still not Bank of America, just a sub-folder on xyz.com.
Watch out for phish and don’t get hooked.
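The hostname check described above, as an added example (not from the ebook or the original post): it parses each URL with the standard `URL` class and compares the hostname, not the whole string, against a trusted domain. The constants `TRUSTED_DOMAIN` and `BRAND` and the function names are assumptions made for illustration.

```javascript
// Added example: classify a URL by its hostname, as in the four cases above.
// TRUSTED_DOMAIN and BRAND are assumptions supplied by the caller.
const TRUSTED_DOMAIN = "bankofamerica.com";
const BRAND = "bankofamerica";

// Parse with the WHATWG URL parser (the same one browsers use).
// The page's examples have no scheme, so assume https:// when none is given.
function parseHost(input) {
  const withScheme = /^[a-z][a-z0-9+.-]*:\/\//i.test(input) ? input : "https://" + input;
  let url;
  try {
    url = new URL(withScheme);
  } catch (e) {
    return null; // not parseable as a URL
  }
  // The parser lower-cases the hostname; drop a trailing root dot if present.
  const host = url.hostname.replace(/\.$/, "");
  return { host, path: url.pathname.toLowerCase() };
}

function classifyUrl(input, trustedDomain = TRUSTED_DOMAIN, brand = BRAND) {
  const parsed = parseHost(input);
  if (parsed === null) return "unparseable";
  const { host, path } = parsed;

  // Legitimate: the hostname IS the trusted domain, or ends with ".<trusted domain>".
  // The leading dot matters: a plain endsWith(trustedDomain) would also accept
  // hostnames that merely end in the same letters.
  if (host === trustedDomain || host.endsWith("." + trustedDomain)) {
    return "legitimate";
  }
  // Brand used as a label of somebody else's hostname (bankofamerica.xyz.com).
  if (host.split(".").includes(brand)) return "brand-in-subdomain";
  // Brand used only in the path of somebody else's site (xyz.com/bankofamerica).
  if (path.split("/").includes(brand)) return "brand-in-path";
  return "other-site";
}
```

Only the `legitimate` result means the hostname belongs to the trusted domain; the path never changes whose site it is.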

Vikki S // Nov 26, 2010 at 5:43 am
Good post – back in the old days when it was all text, spam and phishing were so much more obvious. Glad you are reminding people to check their URLs, because you are not being paranoid if they really are out to get you – and THEY ARE. Now the paper mail scams seem to be imitating the Internet ones, to boot!