PocoMail for Windows is no longer available for sale.
If you need to export your mail check out Stellar's Converter.
   
PocoMail 4.8 and Barca 2.8 Released - Download Now!
 
  Home arrow News arrow Security Alert: Phishing for your identity
poco systems inc | Monday, 23 October 2017
 
 
Main Menu
Home
Store - Buy Online
Products
Download
Support
Extras
News
Partners
Company
Contact
 
Latest News
 
Security Alert: Phishing for your identity
Phishing has become very popular with thieves bent on stealing your passwords and sometimes even money. To phish is a method of sending emails to trick the recipient in surrendering secret information to the attacker. Such emails will pretend to be from your bank, from Ebay, from PayPal or any other organization that may have your private information stored on their servers.

The email will ask you to go to a specific website to "update" your personal information, often including your credit card number. In reality, this fake website will just capture that information for the attacker.

It may sound far-fetched that anyone would fall for this tactic, but the attacker will go a long way to gain your trust: email may look identical to other email you receive from the organization they are trying to mimic. The URL you click on may appear to have your bank's name in it, even though it will direct you elsewhere without you realizing it. And once you reach that URL, the website may look identical to your bank's website, including all original graphics and links.

Some new and dangerous phishing techniques go even further to direct you to their website whenever you go to your bank's website, without your direct action (read more here). And while PocoMail and Barca are not vulnerable to this automated phishing technique, you can still be susceptible to some good social engineering that tricks you into going to attacker's website yourself and filling out the forms. Take a look at the following email received by our staff just this week:

You have just received a virtual postcard from Aunt Edna! You can pick up your postcard at the following web address:
http://www.postcards.org/?xxxxxx

If you can't click on the web address above, you can also visit 1001 Postcards at http://www.postcards.org/postcards
and enter your pickup code, which is: xxxxxxx

(Your postcard will be available for 60 days.)

We hope you enjoy your postcard, and if you do, please take a moment to send a few yourself!

Regards,
1001 Postcards
http://www.postcards.org/postcards

We edited the postcard code and edited the hyperlinks on the URLs from the original ones. The message looks innocent enough, yet a good eye would notice that when mousing over the URLs in the message, the URL displayed in the status bar for that link is completely different from the URL written out in the message. Many people would assume that clicking on a link that shows postcards.com in the text would be safe, but that may not always be the case. These types of hidden URLs are used to con you into thinking that the email is legitimate. Go ahead and click on the links above and see where you'll end up!

So be careful whenever being directed to a website by an email you did not solicit yourself!

< Prev   Next >
 
Poco Systems Inc © 1999 - 2007 All rights reserved.