Kurt mentioned in Daniel's PayPal phishing article how he dealt with phishing and that got me thinking about the easiest way to defeat phishing for certain accounts. The answer is virtual mail accounts. I always thought about virtual mail accounts as a way to stop spam and find out which website or service sells your email but it can also be used to defeat phishing.
Virtual mail accounts can be created in many online mail accounts including Gmail and Yahoo Mail. If you wanted to create such a virtual mail account in Gmail you would simply change the email address at the site where you are registered at to youraddress+added@gmail.com. To give you an example, you could use the email ghacks+paypalcom@gmail.com as your main email in PayPal.
You would then set a filter in Gmail to filter all messages send to this email. Now, whenever an email from PayPal arrives that was not send to this virtual email address you can be sure that it is a phishing email. To be effective you need to hide this email from everyone, even the people who send or receive money. This is done by using a second email for this purpose that is not your default email in PayPal.
This system works fine if the service accepts email addresses with plus signs. Most websites need only one virtual email address, your bank for instance, eBay and every other website where the email is not visible to contacts.
How to defeat Phishing - www.Tech-Dump.com
Virtual mail accounts can be created in many online mail accounts including Gmail and Yahoo Mail. If you wanted to create such a virtual mail account in Gmail you would simply change the email address at the site where you are registered at to youraddress+added@gmail.com. To give you an example, you could use the email ghacks+paypalcom@gmail.com as your main email in PayPal.
You would then set a filter in Gmail to filter all messages send to this email. Now, whenever an email from PayPal arrives that was not send to this virtual email address you can be sure that it is a phishing email. To be effective you need to hide this email from everyone, even the people who send or receive money. This is done by using a second email for this purpose that is not your default email in PayPal.
This system works fine if the service accepts email addresses with plus signs. Most websites need only one virtual email address, your bank for instance, eBay and every other website where the email is not visible to contacts.
How to defeat Phishing - www.Tech-Dump.com
