Pay Attention to Site Behavior

There’s a story on MSNBC.com about a security vulnerability discovered in DNS servers. Those are the machines that take the name you type into your address bar and convert it into numbers your computer can comprehend. If it converts it into the wrong set of numbers, you go to the wrong place.

It would be much like what happens to some of my mail. My address is 1241 Conference Road, but Conference Road meets Chemstrand Road, and for some reason some of my mail goes to Chemstrand Road and some of their mail (there’s a business at the address) comes to me.

So what do you do about this? At the most basic level, what you need to do is pay attention to what your regular web sites look like. This type of redirection is most important if it’s a banking or other financial site, where you will enter important information. Bank of America, where I have my personal bank account, uses an icon that identifies them to me as I’m logging in. This isn’t the BoA icon; rather, it’s a specific icon that I chose to have them show. It’s very much like having them have a password to log in to me.

But because vulnerabilities can occur, there’s no substitute for paying close attention. Watch for your financial institution asking to “confirm” all of your personal data. They’re not likely to forget your security question if you set one. If you are in doubt, it’s worth your while to get on the phone and call them. (Note: Don’t use the phone # on the web site you’re questioning! Go to some of your banking paperwork.)

This is only the briefest of overviews. For more information try this article, which does not discuss the latest issue, but still gives some good pointers, and from Microsoft, Recognize phishing scams and fraudulent e-mails.

If you do identify a problem it’s a good idea to notify the company involved. They generally have teams of experts to go after the fraudulent site.